RST Labs Automatic Synthesis of Program- based Triggers for Intrusion Tolerance Mechanisms C C Michael Reliable Software Technologies.

Slides:

Advertisements

Similar presentations

Requirements Engineering n Elicit requirements from customer  Information and control needs, product function and behavior, overall product performance,

Advertisements

Report on Intrusion Detection and Data Fusion By Ganesh Godavari.

Software Testing. Overview Definition of Software Testing Problems with Testing Benefits of Testing Effective Methods for Testing.

Analysis Modeling Over view of today’s lesson T he analysis model is the first technical representation of a system. Analysis modeling uses a combination.

7M701 1 Software Engineering Software Requirements Sommerville, Ian (2001) Software Engineering, 6 th edition: Chapter 5

© 2002 McGraw-Hill Companies, Inc., McGraw-Hill/Irwin TURNING MARKETING INFORMATION INTO ACTION.

Marakas: Decision Support Systems, 2nd Edition © 2003, Prentice-Hall Chapter Chapter 7: Expert Systems and Artificial Intelligence Decision Support.

Mining Behavior Models Wenke Lee College of Computing Georgia Institute of Technology.

SE 555 Software Requirements & Specification 1 SE 555 Software Requirements & Specification Prototyping.

seminar on Intrusion detection system

Lecture 4 Business Use Cases: How to document them 1 SYS366.

Software Process and Product Metrics

SOFTWARE QUALITY ASSURANCE SOFTWARE QUALITY ASSURANCE  DEFINITIONS OF SQA  SOFTWARE STANDARDS  Process Quality Assurance  Product Quality Assurance.

Chapter 9. Intro  What is Project Management?  Project Manager  Project Failures & Successes Managing Projects  PMBOK  SDLC Core Process 1 – Project.

Software Integration and Documenting

WAC/ISSCI Automated Anomaly Detection Using Time-Variant Normal Profiling Jung-Yeop Kim, Utica College Rex E. Gantenbein, University of Wyoming.

Lucent Technologies – Proprietary Use pursuant to company instruction Learning Sequential Models for Detecting Anomalous Protocol Usage (work in progress)

Software Testing Verification and validation planning Software inspections Software Inspection vs. Testing Automated static analysis Cleanroom software.

ATIF MEHMOOD MALIK KASHIF SIDDIQUE Improving dependability of Cloud Computing with Fault Tolerance and High Availability.

ECE 355: Software Engineering

공과대학 > IT 공학부 Embedded Processor Design Chapter 8: Test EMBEDDED SYSTEM DESIGN 공과대학 > IT 공학부 Embedded Processor Design Presenter: Yvette E. Gelogo Professor:

SAS 03/ GSFC/SATC-ERAU-DoC Fault Tree Analysis Application for Safety and Reliability Massood Towhidnejad Embry-Riddle University Dolores Wallace & Al.

Handouts Software Testing and Quality Assurance Theory and Practice Chapter 15 Software Reliability

March 13, 2001CSci Clark University1 CSci 250 Software Design & Development Lecture #15 Tuesday, March 13, 2001.

Requirements Analysis

Improving Intrusion Detection System Taminee Shinasharkey CS689 11/2/00.

1 Software Quality CIS 375 Bruce R. Maxim UM-Dearborn.

Verification and Validation Overview References: Shach, Object Oriented and Classical Software Engineering Pressman, Software Engineering: a Practitioner’s.

06/10/2015 Presentation name / Author1 Evaluating assessment performance Mikko Pohjola, THL.

General Background Senior design project May03-16, Fuel Cell Project, involves providing our client, MidAmerican Energy, a report containing a detailed.

RST Labs Effectively Constraining Active Scripting on the Win32 Platform Anup K. Ghosh Reliable Software Technologies

Report on Intrusion Detection and Data Fusion By Ganesh Godavari.

An Overview of Intrusion Detection Using Soft Computing Archana Sapkota Palden Lama CS591 Fall 2009.

Chapter 11. Intro  What is Project Management?  Project Manager  Project Failures & Successes Managing Projects  PMBOK  SDLC Core Process 1 – Project.

University of Palestine software engineering department Testing of Software Systems Testing throughout the software life cycle instructor: Tasneem.

Issues Autonomic operation (fault tolerance) Minimize interference to applications Hardware support for new operating systems Resource management (global.

©Ian Sommerville 2000Software Engineering, 6th edition. Chapter 19Slide 1 Chapter 19 Verification and Validation.

Adaptive control and process systems. Design and methods and control strategies 1.

1 SYS366 Business Use Cases and Business Actors: How to Identify Them.

1 SYS366 Lecture - Business Use Cases How to Identify Them.

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

DARPA ITO/MARS Project Update Vanderbilt University A Software Architecture and Tools for Autonomous Robots that Learn on Mission K. Kawamura, M. Wilkes,

Basic Concepts of Component- Based Software Development (CBSD) Model-Based Programming and Verification.

Chapter 8 Lecture 1 Software Testing. Program testing Testing is intended to show that a program does what it is intended to do and to discover program.

Fault Tolerance Benchmarking. 2 Owerview What is Benchmarking? What is Dependability? What is Dependability Benchmarking? What is the relation between.

Ensure that the right functions are performed Ensure that the these functions are performed right and are reliable.

System Implementation. © 2011 Pearson Education, Inc. Publishing as Prentice Hall 2 Chapter 13 FIGURE 13-1 Systems development life cycle with the implementation.

TRL and Technology Commercialization Theresa Baus Naval Undersea Warfare Center Division Newport, RI.

Scientific Systems Not for Public Release SSCI #1301 DARPA OASIS PI MEETING – Santa Fe, NM - Jul 24-27, 2001 Intelligent Active Profiling for Detection.

1 Phase Testing. Janice Regan, For each group of units Overview of Implementation phase Create Class Skeletons Define Implementation Plan (+ determine.

Application Communities Phase 2 (AC2) Project Overview Nov. 20, 2008 Greg Sullivan BAE Systems Advanced Information Technologies (AIT)

T EST T OOLS U NIT VI This unit contains the overview of the test tools. Also prerequisites for applying these tools, tools selection and implementation.

Testing Overview Software Reliability Techniques Testing Concepts CEN 4010 Class 24 – 11/17.

The evolution of IT Outsourcing - why trusted partnership matters? by Olha Moroz Delivery Director, SoftServe Poland.

Learning Procedural Knowledge through Observation -Michael van Lent, John E. Laird – 인터넷 기술 전공 022ITI02 성유진.

Introduction to Software Testing (2nd edition) Chapter 5 Criteria-Based Test Design Paul Ammann & Jeff Offutt

UC Marco Vieira University of Coimbra

Antonio Hansford ITEC 400 Berkeley Software Design April 14, 2016.

Chapter 11 Project Management.

Paul Ammann & Jeff Offutt

Lecture 2: Business Use Cases and Actors - How to identify them

TQS - Teste e Qualidade de Software (Software Testing and Quality) Introduction To Software Testing Concepts João Pascoal.

Chapter 8 – Software Testing

Verification and Testing

Software Engineering (CSI 321)

Week 2- Lecture 2 Business Processes: What Are They?

Project Management Chapter 11.

Software metrics.

INFO 414 Information Behavior

Chapter 7 Software Testing.

Presentation transcript:

RST Labs Automatic Synthesis of Program- based Triggers for Intrusion Tolerance Mechanisms C C Michael Reliable Software Technologies

RST Labs Objective Triggers for intrusion-tolerance mechanisms Reliable detection of events that intrusion- tolerant systems need to know about Based on system behavior, not the environment (or user behavior). Don’t try to detect the nail that’s about to puncture the tire Based on domain knowledge on how the system should behave

RST Labs Technical Approach Tolerance triggers are synthesized automatically A tolerance trigger has a model of normal system behavior, and watches for deviations from the model. Intelligently model the system, don’t try to model the environment. –Probably won’t use statistical models of behavior Machine learning is used to build system models from automatically-generated training data.

RST Labs Technical Approach Our technical approach contains three main elements: a.Automatic test data generation Create structured tests that exercise as much functionality as possible Observe application behavior while the tests are executed b.Vocabulary extraction c.Synthesis of finite automata that characterize system behavior VE SoFA TDG Behavior Model a b c observe behavior

RST Labs Evaluation Some elements of the system can be used in an LL-style evaluation. Quantifying performance –Begin with a statistical analysis. This assumes a constant operating environment but it may be all we can do without predicting the future. This may help us understand the domain better. –How robust is this to environmental changes?

RST Labs Policy The default policy is: when the system behaves as intended, that’s good. –An analogy between tolerance triggering and fault detection. –“As intended” means whatever the developers put in the code. Extensions for custom policies are possible. –We have some preliminary results

RST Labs Major Milestones Year 1: Completion and evaluation of system for generating structured tests Year 2: Application-specific tolerance triggers Year 3: System-wide tolerance triggers

RST Labs Tech Transfer Patent Inventions Release and make software freely available Market, sell, or license technology to leading commercial vendor in market space.

RST Labs The Tolerance Triggering Team (so far) C C Michael Michael Schatz Automatic Synthesis of Program-based Triggers for Intrusion Tolerance Mechanisms DARPA contract