COMPUTER SYSTEMS RESILIENCE IN THE PRESENCE OF CYBER THREATS: TAXONOMY AND ONTOLOGY

Сергій Миколайович Лисенко, Вячеслав Сергійович Харченко, Кіра Юліївна Бобровнікова, Роман Володимирович Щука

Abstract


The rapid development of information technology has expanded the capabilities of cyberthreats against computer systems. Cybercriminals keep developing new ways to evade attack detection, so existing approaches are not able to withstand the growing threat of attacks. Meanwhile, the consequences of cyberattacks are becoming more dangerous and destructive. One approach to solving the problem is to build resilient systems that are able to quickly recover and continue to function under attack conditions. The subject of the research is the process of constructing resilient computer systems in the face of cyberthreats. The goal is to develop a taxonomy and ontology of resilient computer systems under cyberthreats. Results. The article presents definitions of resilience from the point of view of cybersecurity and the gap between the concepts of resilience and dependability. The paper presents the main elements of the taxonomic scheme of computer system resilience, which include threats (changes in the environment and requirements, network attacks, attacks on software, software and hardware vulnerabilities, errors, failures), the information and technical conditions that a computer system passes through during its operating cycle, the principles on which resilience is based (proactivity, adaptability, resistance, diversity, elasticity, controlled degradation, defense in depth, evolvability), as well as primary and secondary properties. Based on these elements, a generalized taxonomic scheme of resilience related to information security has been developed. The work presents the operational cycle of a resilient computer system (CS) as a set of information and technical states that the system goes through (preparation, system protection, threat detection, threat absorption, response to a threat, system recovery after a cyberattack, adaptation).
An ontology scheme of resilience from the point of view of information security of computer systems in the presence of cyberthreats has been developed. Conclusions. A taxonomy and ontology of resilient computer systems in the presence of cyberthreats has been developed.

Keywords


resilience; cyberthreat; cyberattack; adaptability; diversity; ontology; taxonomy; defense in depth; proactivity; resistance; elasticity; controlled degradation; evolvability


DOI: https://doi.org/10.32620/reks.2020.1.02
