Improving cyber resiliency of cloud application services by applying Software Behavior Encryption (SBE)

Danny Thebeau, Benjamin Reidy, Ricardo Valerdi, Avinash Gudagi, Hemayamini Kurra, Youssif Al-Nashif, Salim A Hariri, Frederick Sheldon

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

The objective of this work is to define and measure cyber resiliency of the "cloud" in a Moving Target Defense (MTD) environment that applies the Software Behavior Encryption (SBE) method Implementation of SBE has shown to increase vulnerability tolerance in a particular software system by introducing software diversity and redundant version shuffling to obfuscate the system to attackers With this in mind, this paper nominates attack surface, confidentiality, integrity, availability, and survivability as the critical components of cyber resiliency, and a notional example is provided to demonstrate the components application and aggregation

Original languageEnglish (US)
Title of host publicationProcedia Computer Science
PublisherElsevier
Pages62-70
Number of pages9
Volume28
DOIs
StatePublished - 2014
Event12th Annual Conference on SystemsEngineering Research, CSER 2014 - Redondo Beach, CA, United States
Duration: Mar 21 2014Mar 22 2014

Other

Other12th Annual Conference on SystemsEngineering Research, CSER 2014
CountryUnited States
CityRedondo Beach, CA
Period3/21/143/22/14

Fingerprint

Cryptography
Agglomeration
Availability

Keywords

  • Attack Surface
  • Availability
  • Confidentiality
  • Integrity
  • Moving Target Defense (MTD)
  • Resiliency
  • Software Behavior Encryption (SBE)
  • Storage Dynamic Encryption (SDE)
  • Survivability

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

Thebeau, D., Reidy, B., Valerdi, R., Gudagi, A., Kurra, H., Al-Nashif, Y., ... Sheldon, F. (2014). Improving cyber resiliency of cloud application services by applying Software Behavior Encryption (SBE). In Procedia Computer Science (Vol. 28, pp. 62-70). Elsevier. https://doi.org/10.1016/j.procs.2014.03.009

Improving cyber resiliency of cloud application services by applying Software Behavior Encryption (SBE). / Thebeau, Danny; Reidy, Benjamin; Valerdi, Ricardo; Gudagi, Avinash; Kurra, Hemayamini; Al-Nashif, Youssif; Hariri, Salim A; Sheldon, Frederick.

Procedia Computer Science. Vol. 28 Elsevier, 2014. p. 62-70.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Thebeau, D, Reidy, B, Valerdi, R, Gudagi, A, Kurra, H, Al-Nashif, Y, Hariri, SA & Sheldon, F 2014, Improving cyber resiliency of cloud application services by applying Software Behavior Encryption (SBE). in Procedia Computer Science. vol. 28, Elsevier, pp. 62-70, 12th Annual Conference on SystemsEngineering Research, CSER 2014, Redondo Beach, CA, United States, 3/21/14. https://doi.org/10.1016/j.procs.2014.03.009
Thebeau D, Reidy B, Valerdi R, Gudagi A, Kurra H, Al-Nashif Y et al. Improving cyber resiliency of cloud application services by applying Software Behavior Encryption (SBE). In Procedia Computer Science. Vol. 28. Elsevier. 2014. p. 62-70 https://doi.org/10.1016/j.procs.2014.03.009
Thebeau, Danny ; Reidy, Benjamin ; Valerdi, Ricardo ; Gudagi, Avinash ; Kurra, Hemayamini ; Al-Nashif, Youssif ; Hariri, Salim A ; Sheldon, Frederick. / Improving cyber resiliency of cloud application services by applying Software Behavior Encryption (SBE). Procedia Computer Science. Vol. 28 Elsevier, 2014. pp. 62-70
@inproceedings{4e29007ca6a04fd9b6fa97393508114b,
title = "Improving cyber resiliency of cloud application services by applying Software Behavior Encryption (SBE)",
abstract = "The objective of this work is to define and measure cyber resiliency of the {"}cloud{"} in a Moving Target Defense (MTD) environment that applies the Software Behavior Encryption (SBE) method Implementation of SBE has shown to increase vulnerability tolerance in a particular software system by introducing software diversity and redundant version shuffling to obfuscate the system to attackers With this in mind, this paper nominates attack surface, confidentiality, integrity, availability, and survivability as the critical components of cyber resiliency, and a notional example is provided to demonstrate the components application and aggregation",
keywords = "Attack Surface, Availability, Confidentiality, Integrity, Moving Target Defense (MTD), Resiliency, Software Behavior Encryption (SBE), Storage Dynamic Encryption (SDE), Survivability",
author = "Danny Thebeau and Benjamin Reidy and Ricardo Valerdi and Avinash Gudagi and Hemayamini Kurra and Youssif Al-Nashif and Hariri, {Salim A} and Frederick Sheldon",
year = "2014",
doi = "10.1016/j.procs.2014.03.009",
language = "English (US)",
volume = "28",
pages = "62--70",
booktitle = "Procedia Computer Science",
publisher = "Elsevier",

}

TY - GEN

T1 - Improving cyber resiliency of cloud application services by applying Software Behavior Encryption (SBE)

AU - Thebeau, Danny

AU - Reidy, Benjamin

AU - Valerdi, Ricardo

AU - Gudagi, Avinash

AU - Kurra, Hemayamini

AU - Al-Nashif, Youssif

AU - Hariri, Salim A

AU - Sheldon, Frederick

PY - 2014

Y1 - 2014

N2 - The objective of this work is to define and measure cyber resiliency of the "cloud" in a Moving Target Defense (MTD) environment that applies the Software Behavior Encryption (SBE) method Implementation of SBE has shown to increase vulnerability tolerance in a particular software system by introducing software diversity and redundant version shuffling to obfuscate the system to attackers With this in mind, this paper nominates attack surface, confidentiality, integrity, availability, and survivability as the critical components of cyber resiliency, and a notional example is provided to demonstrate the components application and aggregation

AB - The objective of this work is to define and measure cyber resiliency of the "cloud" in a Moving Target Defense (MTD) environment that applies the Software Behavior Encryption (SBE) method Implementation of SBE has shown to increase vulnerability tolerance in a particular software system by introducing software diversity and redundant version shuffling to obfuscate the system to attackers With this in mind, this paper nominates attack surface, confidentiality, integrity, availability, and survivability as the critical components of cyber resiliency, and a notional example is provided to demonstrate the components application and aggregation

KW - Attack Surface

KW - Availability

KW - Confidentiality

KW - Integrity

KW - Moving Target Defense (MTD)

KW - Resiliency

KW - Software Behavior Encryption (SBE)

KW - Storage Dynamic Encryption (SDE)

KW - Survivability

UR - http://www.scopus.com/inward/record.url?scp=84897986856&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84897986856&partnerID=8YFLogxK

U2 - 10.1016/j.procs.2014.03.009

DO - 10.1016/j.procs.2014.03.009

M3 - Conference contribution

AN - SCOPUS:84897986856

VL - 28

SP - 62

EP - 70

BT - Procedia Computer Science

PB - Elsevier

ER -