skip to main content
research-article

A Systematic Survey of Self-Protecting Software Systems

Published:01 January 2014Publication History
Skip Abstract Section

Abstract

Self-protecting software systems are a class of autonomic systems capable of detecting and mitigating security threats at runtime. They are growing in importance, as the stovepipe static methods of securing software systems have been shown to be inadequate for the challenges posed by modern software systems. Self-protection, like other self-* properties, allows the system to adapt to the changing environment through autonomic means without much human intervention, and can thereby be responsive, agile, and cost effective. While existing research has made significant progress towards autonomic and adaptive security, gaps and challenges remain. This article presents a significant extension of our preliminary study in this area. In particular, unlike our preliminary study, here we have followed a systematic literature review process, which has broadened the scope of our study and strengthened the validity of our conclusions. By proposing and applying a comprehensive taxonomy to classify and characterize the state-of-the-art research in this area, we have identified key patterns, trends and challenges in the existing approaches, which reveals a number of opportunities that will shape the focus of future research efforts.

References

  1. Abie, H. 2009. Adaptive security and trust management for autonomic message-oriented middleware. In Proceedings of the IEEE 6th International Conference on Mobile Adhoc and Sensor Systems (MASS’09). 810--817.Google ScholarGoogle ScholarCross RefCross Ref
  2. Abie, H., Dattani, I., Novkovic, M., Bigham, J., Topham, S., and Savola, R. 2008. GEMOM - Significant and measurable progress beyond the state of the art. In Proceedings of the 3rd International Conference on Systems and Networks Communications (ICSNC’08). 191--196. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Adnane, A., de Sousa, Jr., R. T., Bidan, C., and Mé, L. 2008. Autonomic trust reasoning enables misbehavior detection in OLSR. In Proceedings of the 2008 ACM Symposium on Applied Computing. ACM, 2006--2013. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Alampalayam, S. P. and Kumar, A. 2003. Security model for routing attacks in mobile ad hoc networks. In Proceedings of the 58th Vehicular Technology Conference (VTC’03). Vol.3. IEEE, 2122--2126.Google ScholarGoogle Scholar
  5. Alia, M. and Lacoste, M. 2008. A QoS and security adaptation model for autonomic pervasive systems. In Proceedings of the 32nd Annual IEEE International Computer Software and Applications (COMPSAC’08). 943--948. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. Alia, M., Lacoste, M., He, R., and Eliassen, F. 2010. Putting together QoS and security in autonomic pervasive systems. In Proceedings of the 6th ACM Workshop on Qos and Security for Wireless and Mobile Networks. ACM, 19--28. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Al-Nashif, Y., Kumar, A. A., Hariri, S., Qu, G., Luo, Y., and Szidarovsky, F. 2008. Multi-level intrusion detection system (ML-IDS). In Proceedings of the International Conference on Autonomic Computing (ICAC’08). 131--140. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Anisetti, M., Ardagna, C. A., Damiani, E., Frati, F., Müller, H. A., and Pahlevan, A. 2012. Web service assurance: The notion and the issues. Future Internet 4, 1, 92--109.Google ScholarGoogle ScholarCross RefCross Ref
  9. Atighetchi, M. and Pal, P. 2009. From Auto-adaptive to survivable and self-regenerative systems successes, challenges, and future. In Proceedings of the 8th IEEE International Symposium on Network Computing and Applications (NCA’09). 98--101. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. Atighetchi, M., Pal, P., Webber, F., Schantz, R., Jones, C., and Loyall, J. 2004. Adaptive cyberdefense for survival and intrusion tolerance. IEEE Internet Comput. 8, 6, 25--33. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Atighetchi, M., Pal, P. P., Jones, C. C. et al. 2003. Building auto-adaptive distributed applications: The QuO-APOD experience. In Proceedings of the 23rd International Conference on Distributed Computing Systems Workshops. 104--109. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Avižienis, A., Laprie, J.-C., and Randell, B. 2004. Dependability and its threats: A taxonomy. In Building the Information Society, R. Jacquart Ed., Springer, 91--120.Google ScholarGoogle Scholar
  13. Balepin, I., Maltsev, S., Rowe, J., and Levitt, K. 2003. Using specification-based intrusion detection for automated response. In Recent Advances in Intrusion Detection, G. Vigna, C. Kruegel, and E. Jonsson Eds., Springer, Berlin, 136--154.Google ScholarGoogle Scholar
  14. Ben Mahmoud, M. S., Larrieu, N., Pirovano, A., and Varet, A. 2010. An adaptive security architecture for future aircraft communications. In Proceedings of the 29th Digital Avionics Systems Conference (DASC). IEEE/AIAA, 3.E.2--1--3.E.2--16.Google ScholarGoogle Scholar
  15. Bencsáth, B., Pék, G., Buttyán, L., and Félegyházi, M. 2012. DUQU: Analysis, detection, and lessons learned. In Proceedings of the ACM European Workshop on System Security (EuroSec).Google ScholarGoogle Scholar
  16. Benjamin, D. P., Pal, P., Webber, F., Rubel, P., and Atigetchi, M. 2008. Using a cognitive architecture to automate cyberdefense reasoning. In Proceedings of the ECSIS Symposium on Bio-inspired Learning and Intelligent Systems for Security (BLISS’08). 58--63. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Bijani, S. and Robertson, D. 2012. A review of attacks and security approaches in open multi-agent systems. Artif. Intell. Rev., 1--30.Google ScholarGoogle Scholar
  18. Blount, J. J., Tauritz, D. R., and Mulder, S. A. 2011. Adaptive rule-based malware detection employing learning classifier systems: A proof of concept. In Proceedings of the 35th Annual IEEE Computer Software and Applications Conference Workshops (COMPSACW). 110 --115. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Brereton, P., Kitchenham, B. A., Budgen, D., Turner, M., and Khalil, M. 2007. Lessons from applying the systematic literature review process within the software engineering domain. J. Syst. Softw. 80, 4, 571--583. Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. Burns, J., Cheng, A., Gurung, P. et al. 2001. Automatic management of network security policy. In Proceedings of the DARPA Information Survivability Conference Exposition II (DISCEX’01). Vol. 2. 12--26.Google ScholarGoogle Scholar
  21. Casola, V., Mancini, E. P., Mazzocca, N., Rak, M., and Villano, U. 2008. Self-optimization of secure web services. Comput. Commun. 31, 18, 4312--4323. Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. Castro, M. and Liskov, B. 2002. Practical byzantine fault tolerance and proactive recovery. ACM Trans. Comput. Syst. 20, 4, 398--461. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Cavalcante, R. C., Bittencourt, I. I., da Silva, A. P., Silva, M., Costa, E., and Santos, R. 2012. A survey of security in multi-agent systems. Expert Syst. Appl. 39, 5, 4835--4846. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. Cheng, B. H. C., Lemos, R., Giese, H. et al. 2009. Software engineering for self-adaptive systems: A research roadmap. In Software Engineering for Self-Adaptive Systems, B. H. C. Cheng, R. Lemos, H. Giese, P. Inverardi, and J. Magee Eds., Springer, Berlin, 1--26. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. Cheng, P. C., Rohatgi, P., Keser, C., et al. 2007. Fuzzy multi-level security: An experiment on quantified risk-adaptive access control. In Proceedings of the IEEE Symposium on Security and Privacy (SP’07). 222--230. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. Cheng, S.-W., Garlan, D., and Schmerl, B. 2006. Architecture-based self-adaptation in the presence of multiple objectives. In Proceedings of the International Workshop on Self-Adaptation and Self-Managing Systems. ACM, 2--8. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. Chess, D. M., Palmer, C. C., and White, S. R. 2003. Security in an autonomic computing environment. IBM Syst. J. 42, 1, 107--118. Google ScholarGoogle ScholarDigital LibraryDigital Library
  28. Chigan, C., Li, L., and Ye, Y. 2005. Resource-aware self-adaptive security provisioning in mobile ad hoc networks. In Proceedings of the Wireless Communications and Networking Conference. Vol. 4. IEEE, 2118--2124.Google ScholarGoogle Scholar
  29. Chong, J., Pal, P., Atigetchi, M., Rubel, P., and Webber, F. 2005. Survivability architecture of a mission critical system: The DPASA example. In Proceedings of the 21st Annual Computer Security Applications Conference. Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. Costa, M., Crowcroft, J., Castro, M. et al. 2008. Vigilante: End-to-end containment of Internet worm epidemics. ACM Trans. Comput. Syst. 26, 4, 9:1--9:68. Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. Cowan, C., Pu, C., Maier, D. et al. 1998. StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. In Proceedings of the 7th Conference on USENIX Security Symposium. Vol. 7, USENIX Association, 5--5. Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. Cox, D. P., Al-Nashif, Y., and Hariri, S. 2007. Application of autonomic agents for global information grid management and security. In Proceedings of the Summer Computer Simulation Conference. Society for Computer Simulation International, 1147--1154. Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. Crosbie, M. and Spafford, G. 1995. Active defense of a computer system using autonomous agents. Tech. rep. 95-008, COAST Group, Department of Computer Sciences, Purdue University, West Lafayette, IN.Google ScholarGoogle Scholar
  34. Debar, H., Thomas, Y., Cuppens, F., and Cuppens-Boulahia, N. 2007. Enabling automated threat response through the use of a dynamic security policy. J. Comput. Virol. 3, 3, 195--210.Google ScholarGoogle ScholarCross RefCross Ref
  35. de Oliveira, T. R., de Oliveira, S., Macedo, D. F., and Nogueira, J. M. 2011. An adaptive security management model for emergency networks. In Proceedings of the 7th Latin American Network Operations and Management Symposium (LANOMS), 1--4.Google ScholarGoogle Scholar
  36. De Palma, N., Hagimont, D., Boyer, F., and Broto, L. 2012. Self-protection in a clustered distributed system. IEEE Trans. Parall. Distrib. Syst. 23, 2, 330--336. Google ScholarGoogle ScholarDigital LibraryDigital Library
  37. Dittmann, J., Karpuschewski, B., Fruth, J., Petzel, M., and M”under, R. 2010. An exemplary attack scenario: Threats to production engineering inspired by the Conficker worm. In Proceedings of the 1st International Workshop on Digital Engineering. ACM, 25--32. Google ScholarGoogle ScholarDigital LibraryDigital Library
  38. Dragoni, N., Massacci, F., and Saidane, A. 2009. A self-protecting and self-healing framework for negotiating services and trust in autonomic communication systems. Comput. Netw. 53, 10, 1628--1648. Google ScholarGoogle ScholarDigital LibraryDigital Library
  39. Elkhodary, A. and Whittle, J. 2007. A survey of approaches to adaptive application security. In Proceedings of the Workshop on Software Engineering for Adaptive and Self-Managing Systems (SEAMS’07). 16. Google ScholarGoogle ScholarDigital LibraryDigital Library
  40. English, C., Terzis, S., and Nixon, P. 2006. Towards self-protecting ubiquitous systems: Monitoring trust-based interactions. Pers. Ubiq. Comput. 10, 1, 50--54. Google ScholarGoogle ScholarDigital LibraryDigital Library
  41. Erlingsson, U. and Schneider, F. B. 2000. SASI enforcement of security policies: A retrospective. In Proceedings of the DARPA Information Survivability Conference and Exposition (DISCEX’00). Vol. 2. 287--295.Google ScholarGoogle Scholar
  42. Fayssal, S., Alnashif, Y., Kim, B., and Hariri, S. 2008. A proactive wireless self-protection system. In Proceedings of the 5th International Conference on Pervasive Services. ACM, 11--20. Google ScholarGoogle ScholarDigital LibraryDigital Library
  43. Feiertag, R., Rho, S., Benzinger, L. et al. 2000. Intrusion detection inter-component adaptive negotiation. Comput. Netw. 34, 4, 605--621. Google ScholarGoogle ScholarDigital LibraryDigital Library
  44. Foo, B., Wu, Y. S., Mao, Y. C., Bagchi, S., and Spafford, E. 2005a. ADEPTS: Adaptive intrusion response using attack graphs in an e-commerce environment. In Proceedings of the International Conference on Dependable Systems and Networks (DSN’05). 508--517. Google ScholarGoogle ScholarDigital LibraryDigital Library
  45. Foo, B., Wu, Y.-S., Mao, Y.-C., Bagchi, S., and Spafford, E. 2005b. ADEPTS: Adaptive intrusion response using attack graphs in an e-commerce environment. In Proceedings of the International Conference on Dependable Systems and Networks (DSN’05). 508--517. Google ScholarGoogle ScholarDigital LibraryDigital Library
  46. Foster, H., Spanoudakis, G., and Mahbub, K. 2012. Formal certification and compliance for run-time service environments. In Proceedings of the IEEE 9th International Conference on Services Computing (SCC). 17--24. Google ScholarGoogle ScholarDigital LibraryDigital Library
  47. Frincke, D., Wespi, A., and Zamboni, D. 2007. From intrusion detection to self-protection. Comput. Netw. 51, 5, 1233--1238. Google ScholarGoogle ScholarDigital LibraryDigital Library
  48. Garlan, D., Cheng, S.-W., Huang, A.-C., Schmerl, B., and Steenkiste, P. 2004. Rainbow: Architecture-based self-adaptation with reusable infrastructure. Computer 37, 10, 46--54. Google ScholarGoogle ScholarDigital LibraryDigital Library
  49. Gelenbe, E. and Loukas, G. 2007. A self-aware approach to denial of service defence. Comput. Netw. 51, 5, 1299--1314. Google ScholarGoogle ScholarDigital LibraryDigital Library
  50. Ghosh, A. K. and Voas, J. M. 1999. Inoculating software for survivability. Commun. ACM 42, 7, 38--44. Google ScholarGoogle ScholarDigital LibraryDigital Library
  51. Ghosh, A. K., O’Connor, T., and McGraw, G. 1998. An automated approach for identifying potential vulnerabilities in software. In Proceedings of the IEEE Symposium on Security and Privacy. 104--114.Google ScholarGoogle ScholarCross RefCross Ref
  52. Goel, A., Po, K., Farhadi, K., Li, Z., and de Lara, E. 2005. The taser intrusion recovery system. SIGOPS Oper. Syst. Rev. 39, 5, 163--176. Google ScholarGoogle ScholarDigital LibraryDigital Library
  53. Guttman, J. D. and Herzog, A. L. 2005. Rigorous automated network security management. Int. J. Inf. Sec. 4, 1, 29--48. Google ScholarGoogle ScholarDigital LibraryDigital Library
  54. Hafiz, M., Adamczyk, P., and Johnson, R. E. 2007. Organizing security patterns. IEEE Softw. 24, 4, 52--60. Google ScholarGoogle ScholarDigital LibraryDigital Library
  55. Hashii, B., Malabarba, S., Pandey, R., and Bishop, M. 2000. Supporting reconfigurable security policies for mobile programs. Comput. Netw. 33, 1--6, 77--93. Google ScholarGoogle ScholarDigital LibraryDigital Library
  56. He, R. and Lacoste, M. 2008a. Applying component-based design to self-protection of ubiquitous systems. In Proceedings of the 3rd ACM Workshop on Software Engineering for Pervasive Services. ACM, 9--14. Google ScholarGoogle ScholarDigital LibraryDigital Library
  57. He, R. and Lacoste, M. 2008b. Applying component-based design to self-protection of ubiquitous systems. In Proceedings of the 3rd ACM Workshop on Software Engineering for Pervasive Services. 9--14. Google ScholarGoogle ScholarDigital LibraryDigital Library
  58. He, R., Lacoste, M., and Leneutre, J. 2010a. A policy management framework for self-protection of pervasive systems. In Proceedings of the 6th International Conference on Autonomic and Autonomous Systems (ICAS). 104--109. Google ScholarGoogle ScholarDigital LibraryDigital Library
  59. He, R., Lacoste, M., and Leneutre, J. 2010b. Virtual security kernel: A component-based OS architecture for self-protection. In Proceedings of the IEEE 10th International Conference on Computer and Information Technology (CIT). 851--858. Google ScholarGoogle ScholarDigital LibraryDigital Library
  60. Hinton, H., Cowan, C., Delcambre, L., and Bowers, S. 1999. SAM: Security adaptation manager. In Proceedings of the 15th Annual Computer Security Applications Conference (ACSAC’99). 361--370. Google ScholarGoogle ScholarDigital LibraryDigital Library
  61. Huang, Y., Arsenault, D., and Sood, A. 2006. Closing cluster attack windows through server redundancy and rotations. In Proceedings of the 6th IEEE International Symposium on Cluster Computing and the Grid (CCGRID’06). 12--21. Google ScholarGoogle ScholarDigital LibraryDigital Library
  62. Huang, Y., Kintala, C., Kolettis, N., and Fulton, N. D. 1995. Software rejuvenation: Analysis, module and applications. In Proceedings of the 25th International Symposium on Fault-Tolerant Computing (FTCS-25). 381--390. Google ScholarGoogle ScholarDigital LibraryDigital Library
  63. Huebscher, M. C. and McCann, J. A. 2008. A survey of autonomic computing - degrees, models, and applications. ACM Comput. Surv. 40, 3, 7:1--7:28. Google ScholarGoogle ScholarDigital LibraryDigital Library
  64. Igure, V. and Williams, R. 2008. Taxonomies of attacks and vulnerabilities in computer systems. IEEE Commun. Surv. Tutor. 10, 1, 6--19. Google ScholarGoogle ScholarDigital LibraryDigital Library
  65. Jabbour, G. G. and Menasee, D. A. 2008. Policy-based enforcement of database security configuration through autonomic capabilities. In Proceedings of the 4th International Conference on Autonomic and Autonomous Systems (ICAS’08). 188--197. Google ScholarGoogle ScholarDigital LibraryDigital Library
  66. Jabbour, G. and Menasce, D. A. 2009. The insider threat security architecture: A framework for an integrated, inseparable, and uninterrupted self-protection mechanism. In Proceedings of the International Conference on Computational Science and Engineering (CSE’09). 244--251. Google ScholarGoogle ScholarDigital LibraryDigital Library
  67. Jain, S., Shafique, F., Djeric, V., and Goel, A. 2008. Application-level isolation and recovery with solitude. In Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems. ACM, 95--107. Google ScholarGoogle ScholarDigital LibraryDigital Library
  68. Jansen, B., Ramasamy, H., Schunter, M., and Tanner, A. 2008. Architecting dependable and secure systems using virtualization. In Architecting Dependable Systems V, R. de Lemos, F. Di Giandomenico, C. Gacek, H. Muccini, and M. Vieira Eds., Springer, Berlin, 124--149. Google ScholarGoogle ScholarDigital LibraryDigital Library
  69. Jean, E., Jiao, Y., Hurson, A. R., and Potok, T. E. 2007. Boosting-based distributed and adaptive security-monitoring through agent collaboration. In Proceedings of the IEEE/WIC/ACM International Conferences on Web Intelligence and Intelligent Agent Technology Workshops. 516--520. Google ScholarGoogle ScholarDigital LibraryDigital Library
  70. Kephart, J. O. and Chess, D. M. 2003. The vision of autonomic computing. Computer 36, 1, 41--50. Google ScholarGoogle ScholarDigital LibraryDigital Library
  71. Kephart, J. O., Sorkin, G. B., Swimmer, M., and White, S. R. 1997. Blueprint for a computer immune system. In Proceedings of the Virus Bulletin International Conference. San Francisco, CA.Google ScholarGoogle Scholar
  72. Kitchenham, B. 2004. Procedures for Performing Systematic Reviews. Keele University, Keele, UK.Google ScholarGoogle Scholar
  73. Klein, C., Schmid, R., Leuxner, C., Sitou, W., and Spanfelner, B. 2008. A survey of context adaptation in autonomic computing. In Proceedings of the 4th International Conference on Autonomic and Autonomous Systems (ICAS’08). 106--111. Google ScholarGoogle ScholarDigital LibraryDigital Library
  74. Konrad, S., Cheng, B. H. C., Campbell, L. A., and Wassermann, R. 2003. Using security patterns to model and analyze security requirements. In Proceedings of the Symposium on Requirements Engineering for High Assurance Systems (RHAS’03). 11.Google ScholarGoogle Scholar
  75. Kramer, J. and Magee, J. 2007. Self-managed systems: An architectural challenge. In Proceedings of the Symposium on the Future of Software Engineering (FOSE’07). 259--268. Google ScholarGoogle ScholarDigital LibraryDigital Library
  76. Kumar, G., Kumar, K., and Sachdeva, M. 2010. The use of artificial intelligence based techniques for intrusion detection: A review. Artif. Intell. Rev. 34, 4, 369--387. Google ScholarGoogle ScholarDigital LibraryDigital Library
  77. Labraoui, N., Gueroui, M., Aliouat, M., and Petit, J. 2010. Adaptive security level for data aggregation in wireless sensor networks. In Proceedings of the 5th IEEE International Symposium on Wireless Pervasive Computing (ISWPC). 325--330. Google ScholarGoogle ScholarDigital LibraryDigital Library
  78. Lamprecht, C. J. and van Moorsel, A. P. A. 2007. Adaptive SSL: Design, implementation and overhead analysis. In Proceedings of the 1st International Conference on Self-Adaptive and Self-Organizing Systems (SASO’07). 289--294. Google ScholarGoogle ScholarDigital LibraryDigital Library
  79. Lamprecht, C. J. and van Moorsel, A. P. A. 2008. Runtime security adaptation using adaptive SSL. In Proceedings of the 14th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC’08). 305--312. Google ScholarGoogle ScholarDigital LibraryDigital Library
  80. Langner, R. 2011. Stuxnet: Dissecting a Cyberwarfare Weapon. IEEE Secur. Privacy 9, 3, 49--51. Google ScholarGoogle ScholarDigital LibraryDigital Library
  81. Laureano, M., Maziero, C., and Jamhour, E. 2007. Protecting host-based intrusion detectors through virtual machines. Comput. Netw. 51, 5, 1275--1283. Google ScholarGoogle ScholarDigital LibraryDigital Library
  82. Lee, W., Miller, M., Stolfo, S. J., Fan, W., and Zadok, E. 2002. Toward cost-sensitive modeling for intrusion detection and response. J. Comput. Secur. 10, 2002. Google ScholarGoogle ScholarDigital LibraryDigital Library
  83. Lemos, R., Giese, H., Müller, H. A., et al. 2013. Software engineering for self-adaptive systems: A second research roadmap. In Software Engineering for Self-Adaptive Systems II, R. Lemos, H. Giese, H.A. Müller, and M. Shaw Eds., Springer, Berlin, Heidelberg, 1--32.Google ScholarGoogle Scholar
  84. Liang, Z. and Sekar, R. 2005. Fast and automated generation of attack signatures: A basis for building self-protecting servers. In Proceedings of the 12th ACM Conference on Computer and Communications Security. 213--222. Google ScholarGoogle ScholarDigital LibraryDigital Library
  85. Lim, Y. T., Cheng, P.-C., Rohatgi, P., and Clark, J. A. 2009. Dynamic security policy learning. In Proceedings of the 1st ACM Workshop on Information Security Governance. ACM, 39--48. Google ScholarGoogle ScholarDigital LibraryDigital Library
  86. Lorenzoli, D., Mariani, L., and Pezze, M. 2007. Towards self-protecting enterprise applications. In Proceedings of the 18th IEEE International Symposium on Software Reliability (ISSRE’07). 39--48. Google ScholarGoogle ScholarDigital LibraryDigital Library
  87. Malek, S., Esfahani, N., Menasce, D. A., Sousa, J. P., and Gomaa, H. 2009. Self-Architecting Software SYstems (SASSY) from QoS-annotated activity models. In Proceedings of the ICSE Workshop on Principles of Engineering Service Oriented Systems (PESOS’09), 62--69. Google ScholarGoogle ScholarDigital LibraryDigital Library
  88. Marino, J. and Rowley, M. 2010. Understanding SCA (Service Component Architecture). Pearson Education. Google ScholarGoogle ScholarDigital LibraryDigital Library
  89. Maximilien, E. M. and Singh, M. P. 2004. Toward autonomic web services trust and selection. In Proceedings of the 2nd International Conference on Service Oriented Computing, ACM, 212--221. Google ScholarGoogle ScholarDigital LibraryDigital Library
  90. McKinley, P. K., Sadjadi, S. M., Kasten, E. P., and Cheng, B. H. C. 2004. A taxonomy of compositional adaptation. Report MSU-CSE-04-17, Michigan State University.Google ScholarGoogle Scholar
  91. Menasce, D., Gomaa, H., Malek, S., and Sousa, J. 2011. SASSY: A framework for self-architecting service-oriented systems. IEEE Softw. 28, 6, 78--85. Google ScholarGoogle ScholarDigital LibraryDigital Library
  92. MITRE. 2011. CWE - 2011 CWE/SANS Top 25 Most Dangerous Software Errors. 2011 CWE/SANS Top 25 Most Dangerous Software Errors. http://cwe.mitre.org/top25/.Google ScholarGoogle Scholar
  93. Montangero, C. and Semini, L. 2004. Formalizing an adaptive security infrastructure in mobadtl. In Proceedings of the FCS’04, 301.Google ScholarGoogle Scholar
  94. Morin, B., Mouelhi, T., Fleurey, F., Le Traon, Y., Barais, O., and Jézéquel, J.-M. 2010. Security-driven model-based dynamic adaptation. In Proceedings of the IEEE/ACM International Conference on Automated software engineering, ACM, 205--214. Google ScholarGoogle ScholarDigital LibraryDigital Library
  95. Mouelhi, T., Fleurey, F., Baudry, B., and Le Traon, Y. 2008. A model-based framework for security policy specification, deployment and testing. In Model Driven Engineering Languages and Systems, K. Czarnecki, I. Ober, J.-M. Bruel, A. Uhl and M. Völter Eds., Springer, Berlin, 537--552. Google ScholarGoogle ScholarDigital LibraryDigital Library
  96. Musman, S. and Flesher, P. 2000. System or security managers adaptive response tool. In Proceedings of the DARPA Information Survivability Conference and Exposition (DISCEX’00). Vol. 2, 56--68.Google ScholarGoogle Scholar
  97. Nagarajan, A., Nguyen, Q., Banks, R., and Sood, A. 2011. Combining intrusion detection and recovery for enhancing system dependability. In Proceedings of the 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W), 25--30. Google ScholarGoogle ScholarDigital LibraryDigital Library
  98. Neumann, P. G. and Porras, P. A. 1999. Experience with EMERALD to date. In Proceedings of the 1st USENIX Workshop on Intrusion Detection and Network Monitoring, 73--80. Google ScholarGoogle ScholarDigital LibraryDigital Library
  99. Nguyen, Q. L. and Sood, A. 2011. A comparison of intrusion-tolerant system architectures. IEEE Secur. Priv. 9, 4, 24--31. Google ScholarGoogle ScholarDigital LibraryDigital Library
  100. Okhravi, H., Comella, A., Robinson, E., and Haines, J. 2012. Creating a cyber moving target for critical infrastructure applications using platform diversity. Int. J. Crit. Infrastruct. Protection 5, 1, 30--39.Google ScholarGoogle ScholarCross RefCross Ref
  101. Okhravi, H., Robinson, E. I., Yannalfo, S., Michaleas, P. W., Haines, J., and Comella, A. 2010. TALENT: Dynamic platform heterogeneity for cyber survivability of mission critical applications. In Proceedings of the Secure and Resilient Cyber Architecture Conftrence (SCRA’10).Google ScholarGoogle Scholar
  102. Ostrovsky, R. and Yung, M. 1991. How to withstand mobile virus attacks (extended abstract). In Proceedings of the 10th Annual ACM Symposium on Principles of Distributed Computing. ACM, 51--59. Google ScholarGoogle ScholarDigital LibraryDigital Library
  103. Pal, P., Webber, F., and Schantz, R. 2007. The DPASA survivable JBI-a high-water mark in intrusion-tolerant systems. In Proceedings of the WRAITS 2007.Google ScholarGoogle Scholar
  104. Pasquale, L., Salehie, M., Ali, R., Omoronyia, I., and Nuseibeh, B. 2012. On the role of primary and secondary assets in adaptive security: An application in smart grids. In Proceedings of the 2012 ICSE Workshop on Software Engineering for Adaptive and Self-Managing Systems (SEAMS), 165--170.Google ScholarGoogle Scholar
  105. Perrin, C. 2008. The CIA Triad. http://www.techrepublic.com/blog/security/the-cia-triad/488.Google ScholarGoogle Scholar
  106. Porras, P. A. and Neumann, P. G. 1997. EMERALD: Event monitoring enabling responses to anomalous live disturbances. In Proceedings of the 20th National Information Systems Security Conference, 353--365.Google ScholarGoogle Scholar
  107. Portokalidis, G. and Bos, H. 2007. SweetBait: Zero-hour worm detection and containment using low- and high-interaction honeypots. Comput. Netw. 51, 5, 1256--1274. Google ScholarGoogle ScholarDigital LibraryDigital Library
  108. Psaier, H. and Dustdar, S. 2011. A survey on self-healing systems: Approaches and systems. Computing 91, 1, 43--73. Google ScholarGoogle ScholarDigital LibraryDigital Library
  109. Raissi, J. 2006. Dynamic selection of optimal cryptographic algorithms in a runtime environment. In Proceedings of the IEEE Congress on Evolutionary Computation (CEC’06). 184--191.Google ScholarGoogle ScholarCross RefCross Ref
  110. Rawat, S. and Saxena, A. 2009. Danger theory based SYN flood attack detection in autonomic network. In Proceedings of the 2nd International Conference on Security of Information and Networks. ACM, 213--218. Google ScholarGoogle ScholarDigital LibraryDigital Library
  111. Reiser, H. P. and Kapitza, R. 2007a. VM-FIT: Supporting intrusion tolerance with virtualisation technology. In Proceedings of the 1st Workshop on Recent Advances on Intrusion-Tolerant Systems (in conjunction with Eurosys 2007).Google ScholarGoogle Scholar
  112. Reiser, H. P. and Kapitza, R. 2007b. Hypervisor-based efficient proactive recovery. In Proceedings of the 26th IEEE International Symposium on Reliable Distributed Systems (SRDS’07), 83--92. Google ScholarGoogle ScholarDigital LibraryDigital Library
  113. Reynolds, J., Just, J., Lawson, E., Clough, L., Maglich, R., and Levitt, K. 2002. The design and implementation of an intrusion tolerant system. In Proceedings of the International Conference on Dependable Systems and Networks (DSN’02). 285--290. Google ScholarGoogle ScholarDigital LibraryDigital Library
  114. Reynolds, J. C., Just, J., Clough, L., and Maglich, R. 2003. On-line intrusion detection and attack prevention using diversity, generate-and-test, and generalization. In Proceedings of the 36th Annual Hawaii International Conference on System Sciences. Google ScholarGoogle ScholarDigital LibraryDigital Library
  115. Sadjadi, S. M. 2003. A survey of adaptive middleware. Michigan State University Report MSU-CSE-03-35.Google ScholarGoogle Scholar
  116. Salehie, M., Pasquale, L., Omoronyia, I., Ali, R., and Nuseibeh, B. 2012. Requirements-driven adaptive security: Protecting variable assets at runtime. In Proceedings of the 20th IEEE International Requirements Engineering Conference (RE). 111--120. IEEE. Google ScholarGoogle ScholarDigital LibraryDigital Library
  117. Salehie, M. and Tahvildari, L. 2009. Self-adaptive software: Landscape and research challenges. ACM Trans. Auton. Adapt. Syst. 4, 2, 14:1--14:42. Google ScholarGoogle ScholarDigital LibraryDigital Library
  118. Savola, R. M. and Heinonen, P. 2010. Security-measurability-enhancing mechanisms for a distributed adaptive security monitoring system. In Proceedings of the 4th International Conference on Emerging Security Information Systems and Technologies (SECURWARE). 25--34. Google ScholarGoogle ScholarDigital LibraryDigital Library
  119. Saxena, A., Lacoste, M., Jarboui, T., Lücking, U., and Steinke, B. 2007. A software framework for autonomic security in pervasive environments. In Information Systems Security, P. McDaniel and S. Gupta Eds., Springer, Berlin, 91--109. Google ScholarGoogle ScholarDigital LibraryDigital Library
  120. Schaub, F., Konings, B., Weber, M., and Kargl, F. 2012. Towards context adaptive privacy decisions in ubiquitous computing. In Proceedings of the 2012 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops). 407--410.Google ScholarGoogle Scholar
  121. Schneider, F. B. 2003. Enforceable security policies. Foundations of Intrusion Tolerant Systems, {Organically Assured and Survivable Information Systems}, 117--137.Google ScholarGoogle Scholar
  122. Shameli-Sendi, A., Ezzati-Jivan, N., Jabbarifar, M., and Dagenais, M. 2012. Intrusion response systems: Survey and taxonomy. Int. J. Comput. Sci. Netw. Secur. 12, 1, 1--14.Google ScholarGoogle Scholar
  123. Sibai, F. M. and Menasce, D. A. 2011. Defeating the insider threat via autonomic network capabilities. In Proceedings of the 3rd International Conference on Communication Systems and Networks (COMSNETS). 1--10.Google ScholarGoogle Scholar
  124. Sibai, F. M. and Menasce, D. A. 2012. Countering network-centric insider threats through self-protective autonomic rule generation. In Proceedings of the IEEE 6th International Conference on Software Security and Reliability (SERE). 273--282. Google ScholarGoogle ScholarDigital LibraryDigital Library
  125. Sousa, P., Bessani, A. N., Correia, M., Neves, N. F., and Verissimo, P. 2007. Resilient intrusion tolerance through proactive and reactive recovery. In Proceedings of the 13th Pacific Rim International Symposium on Dependable Computing (PRDC’07). 373--380. Google ScholarGoogle ScholarDigital LibraryDigital Library
  126. Sousa, P., Bessani, A. N., Correia, M., Neves, N. F., and Verissimo, P. 2010. Highly available intrusion-tolerant services with proactive-reactive recovery. IEEE Trans. Parall. Distrib. Syst. 21, 4, 452--465. Google ScholarGoogle ScholarDigital LibraryDigital Library
  127. Sousa, P., Neves, N. F., Verissimo, P., and Sanders, W. H. 2006. Proactive resilience revisited: The delicate balance between resisting intrusions and remaining available. In Proceedings of the 25th IEEE Symposium on Reliable Distributed Systems (SRDS’06). 71--82. Google ScholarGoogle ScholarDigital LibraryDigital Library
  128. Sowa, J. F. and Zachman, J. A. 1992. Extending and formalizing the framework for information systems architecture. IBM Syst. J. 31, 3, 590--616. Google ScholarGoogle ScholarDigital LibraryDigital Library
  129. Spanoudakis, G., Kloukinas, C., and Androutsopoulos, K. 2007. Towards security monitoring patterns. In Proceedings of the ACM Symposium on Applied Computing, ACM. 1518--1525. Google ScholarGoogle ScholarDigital LibraryDigital Library
  130. Stakhanova, N., Basu, S., and Wong, J. 2007a. A taxonomy of intrusion response systems. Int. J. Inf. Comput. Sec. 1, 1, 169--184. Google ScholarGoogle ScholarDigital LibraryDigital Library
  131. Stakhanova, N., Basu, S., and Wong, J. 2007b. A cost-sensitive model for preemptive intrusion response systems. In Proceedings of the 21st International Conference on Advanced Information Networking and Applications (AINA’07). 428--435. Google ScholarGoogle ScholarDigital LibraryDigital Library
  132. Strasburg, C., Stakhanova, N., Basu, S., and Wong, J. S. 2009. A framework for cost sensitive assessment of intrusion response selection. In Proceedings of the 33rd Annual IEEE International Computer Software and Applications Conference (COMPSAC’09). 355--360. Google ScholarGoogle ScholarDigital LibraryDigital Library
  133. Sundaram, A. 1996. An introduction to intrusion detection. Crossroads 2, 4, 3--7. Google ScholarGoogle ScholarDigital LibraryDigital Library
  134. Swiderski, F. and Snyder, W. 2004. Threat Modeling. Microsoft Press, Redmond, WA. Google ScholarGoogle ScholarDigital LibraryDigital Library
  135. Swimmer, M. 2007. Using the danger model of immune systems for distributed defense in modern data networks. Comput. Netw. 51, 5, 1315--1333. Google ScholarGoogle ScholarDigital LibraryDigital Library
  136. Taddeo, A. V. and Ferrante, A. 2009. Run-time selection of security algorithms for networked devices. In Proceedings of the 5th ACM Symposium on QoS and Security for Wireless and Mobile Networks. ACM, 92--96. Google ScholarGoogle ScholarDigital LibraryDigital Library
  137. Tan, L., Zhang, X., Ma, X., Xiong, W., and Zhou, Y. 2008. AutoISES: Automatically inferring security specifications and detecting violations. In Proceedings of the 17th Conference on Security Symposium. 379--394. Google ScholarGoogle ScholarDigital LibraryDigital Library
  138. Tang, C. and Yu, S. 2008. A dynamic and self-adaptive network security policy realization mechanism. In Proceedings of the IFIP International Conference on Network and Parallel Computing (NPC’08). 88--95. Google ScholarGoogle ScholarDigital LibraryDigital Library
  139. Uribe, T. E. and Cheung, S. 2004. Automatic analysis of firewall and network intrusion detection system configurations. In Proceedings of the 2004 ACM Workshop on Formal Methods in Security Engineering. 66--74. Google ScholarGoogle ScholarDigital LibraryDigital Library
  140. Valdes, A., Almgren, M., Cheung, S. et al. 2004. An architecture for an adaptive intrusion-tolerant server. In Security Protocols, B. Christianson, B. Crispo, J. Malcolm, and M. Roe Eds., Springer, Berlin, 569--574.Google ScholarGoogle Scholar
  141. Verissimo, P. E., Neves, N. F., Cachin, C. et al. 2006. Intrusion-tolerant middleware: The road to automatic security. IEEE Secur. Priv. 4, 4, 54--62. Google ScholarGoogle ScholarDigital LibraryDigital Library
  142. Vikram, K., Prateek, A., and Livshits, B. 2009. Ripley: Automatically securing web 2.0 applications through replicated execution. In Proceedings of the 16th ACM Conference on Computer and Communications Security, ACM, 173--186. Google ScholarGoogle ScholarDigital LibraryDigital Library
  143. Villegas, N. M., Müller, H. A., Tamura, G., Duchien, L., and Casallas, R. 2011. A framework for evaluating quality-driven self-adaptive software systems. In Proceedings of the 6th International Symposium on Software Engineering for Adaptive and Self-Managing Systems, ACM, 80--89. Google ScholarGoogle ScholarDigital LibraryDigital Library
  144. Villegas, N. M., Tamura, G., Müller, H. A., Duchien, L., and Casallas, R. 2013. DYNAMICO: A reference model for governing control objectives and context relevance in self-adaptive software systems. In Software Engineering for Self-Adaptive Systems II, R. Lemos, H. Giese, H. A. Müller, and M. Shaw Eds., Springer Berlin, 265--293.Google ScholarGoogle Scholar
  145. Wang, F., Jou, F., Gong, F., Sargor, C., Goseva-Popstojanova, K., and Trivedi, K. 2003. SITAR: A scalable intrusion-tolerant architecture for distributed services. In Foundations of Intrusion Tolerant Systems {Organically Assured and Survivable Information Systems}, 359--367.Google ScholarGoogle Scholar
  146. Wang, H., Dong, X., and Wang, H. 2009. A method for software security growth based on the real-time monitor algorithm and software hot-swapping. In Proceedings of the 8th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC’09). 137--142. Google ScholarGoogle ScholarDigital LibraryDigital Library
  147. Weyns, D., Malek, S., and Andersson, J. 2012. FORMS: Unifying reference model for formal specification of distributed self-adaptive systems. ACM Trans. Autonom. Adapt. Syst. 7, 1, 1--61. Google ScholarGoogle ScholarDigital LibraryDigital Library
  148. White, S. R., Swimmer, M., Pring, E. J., Arnold, W. C., Chess, D. M., and Morar, J. F. 1999. Anatomy of a commercial-grade immune system. IBM Research White Paper.Google ScholarGoogle Scholar
  149. Wu, Y.-S., Foo, B., Mao, Y.-C., Bagchi, S., and Spafford, E. H. 2007. Automated adaptive intrusion containment in systems of interacting services. Comput. Netw. 51, 5, 1334--1360. Google ScholarGoogle ScholarDigital LibraryDigital Library
  150. Xiao, L. 2008. An adaptive security model using agent-oriented MDA. Inf. Softw. Tech. 51, 5, 933--955. Google ScholarGoogle ScholarDigital LibraryDigital Library
  151. Xiao, L., Peet, A., Lewis, P. et al. 2007. An adaptive security model for multi-agent systems and application to a clinical trials environment. In Proceedings of the 31st Annual International Computer Software and Applications Conference (COMPSAC’07). 261--268. Google ScholarGoogle ScholarDigital LibraryDigital Library
  152. Yau, S. S., Yao, Y., and Yan, M. 2006. Development and runtime support for situation-aware security in autonomic computing. In Proceedings of the 3rd International Conference on Autonomic and Trusted Computing, Springer-Verlag, 173--182. Google ScholarGoogle ScholarDigital LibraryDigital Library
  153. Yu, Z., Tsai, J. J. P., and Weigert, T. 2007. An automatically tuning intrusion detection system. IEEE Trans. Syst. Man Cybernet., Part B: Cybernetics 37, 2, 373--384. Google ScholarGoogle ScholarDigital LibraryDigital Library
  154. Yu, Z., Tsai, J. J. P., and Weigert, T. 2008. An adaptive automatically tuning intrusion detection system. ACM Trans. Auton. Adapt. Syst. 3, 3, 10:1--10:25. Google ScholarGoogle ScholarDigital LibraryDigital Library
  155. Yuan, E. and Malek, S. 2012. A taxonomy and survey of self-protecting software systems. In Proceedings of the 2012 ICSE Workshop on Software Engineering for Adaptive and Self-Managing Systems (SEAMS). 109--118.Google ScholarGoogle Scholar
  156. Zhang, Z., Naït-Abdesselam, F., Ho, P.-H., and Kadobayashi, Y. 2011. Toward cost-sensitive self-optimizing anomaly detection and response in autonomic networks. Comput. Secur. 30, 6--7, 525--537.Google ScholarGoogle ScholarDigital LibraryDigital Library
  157. Zhang, Z. and Shen, H. 2009. M-AID: An adaptive middleware built upon anomaly detectors for intrusion detection and rational response. ACM Trans. Auton. Adapt. Syst. 4, 4, 24:1--24:35. Google ScholarGoogle ScholarDigital LibraryDigital Library
  158. Zhu, M., Yu, M., Xia, M. et al. 2011. VASP: Virtualization assisted security monitor for cross-platform protection. In Proceedings of the 2011 ACM Symposium on Applied Computing, ACM, 554--559. Google ScholarGoogle ScholarDigital LibraryDigital Library
  159. Zou, J., Lu, K., and Jin, Z. 2002. Architecture and fuzzy adaptive security algorithm in intelligent firewall. In Proceedings of the MILCOM’02. Vol. 2, 1145--1149.Google ScholarGoogle Scholar

Index Terms

  1. A Systematic Survey of Self-Protecting Software Systems

    Recommendations

    Comments

    Login options

    Check if you have access through your login credentials or your institution to get full access on this article.

    Sign in

    Full Access

    PDF Format

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader
    About Cookies On This Site

    We use cookies to ensure that we give you the best experience on our website.

    Learn more

    Got it!