BioRAC: biologically inspired resilient autonomic cloud

Our modern cyber-powered society will provide pervasive information services that will touch all aspects of our life and economy. However, we are experiencing grand challenges to secure and protect our cyberspace resources and services. The recent embrace of cloud computing due to their performance and cost considerations will further exacerbate the security problem. In cloud computing, organizations relinquish direct control of many security aspects to the service providers such as trust, privacy preservation, identity management, data and software isolation, and service availability. Traditional security techniques will not work well in a cloud environment due to many challenges related to the monoculture paradigm, the rapid and dynamic changes, the use of social networking software tools, and use of mobile devices. In this paper, we present the design of biorac: biologically-inspired resilient autonomic cloud that employs biologically inspired techniques and multi-level tunable redundancy techniques to increase attack and exploitation resilience in cloud computing. We briefly describe how biorac can tolerate and minimize the impact of novel cyber attacks.

[1]  Bev Littlewood,et al.  N-version design Versus one Good Version , 2000 .

[2]  Nancy G. Leveson,et al.  An experimental evaluation of the assumption of independence in multiversion programming , 1986, IEEE Transactions on Software Engineering.

[3]  Arun K. Sood,et al.  Designing SCIT architecture pattern in a Cloud-based environment , 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W).

[4]  Mohammad Reza Abbasy,et al.  Enabling Data Hiding for Resource Sharing in Cloud Computing Environments Based on DNA Sequences , 2011, 2011 IEEE World Congress on Services.

[5]  Frederick B. Cohen,et al.  Operating system protection through program evolution , 1993, Comput. Secur..

[6]  Philipp Zech Risk-Based Security Testing in Cloud Computing Environments , 2011, 2011 Fourth IEEE International Conference on Software Testing, Verification and Validation.

[7]  James E. Just,et al.  Review and analysis of synthetic diversity for breaking monocultures , 2004, WORM '04.

[8]  Ming Zhang,et al.  Autonomia: an autonomic computing environment , 2003, Conference Proceedings of the 2003 IEEE International Performance, Computing, and Communications Conference, 2003..

[9]  Dawn Song,et al.  Mitigating buffer overflows by operating system randomization , 2002 .

[10]  Michael Franz,et al.  Orchestra: intrusion detection using parallel execution and monitoring of program variants in user-space , 2009, EuroSys '09.

[11]  Margo I. Seltzer,et al.  An architecture a day keeps the hacker away , 2005, CARN.

[12]  Zhou Su,et al.  Enhancing cloud storage security against roll-back attacks with a new fair multi-party non-repudiation protocol , 2011, 2011 IEEE Consumer Communications and Networking Conference (CCNC).