The research work at ACRL addresses the need for advanced security systems that identify, assess, and respond to attacks across large systems such as Cloud Computing environments, 5G systems, and Cyber-Physical Systems in a scalable and autonomous way, without human intervention.
A second direction of ACRL’s research develops machine learning approaches to solve several research problems related to high-performance systems. To this end, we develop a new prediction approach that predicts with higher accuracy the resource needs of a cloud consumer in terms of CPU, memory, and disk storage utilization. This approach can also predict response time and throughput, which in turn enables cloud consumers to make better scaling decisions. It also takes into account the dynamic behavior of consumer requests over a long-term period and the seasonal and/or trend patterns in the time series.
The following projects are currently running at the ACRL:
Project 1: Towards a Secure Cloud based 5G System
This project addresses the need for an advanced security system that identifies, assesses, and responds to attacks across the new standard 5G systems in a scalable and autonomous way, with or without human intervention depending on the criticality of the 5G asset being protected. To this end, this proposal augments our existing security framework with the following capabilities:
i) A hierarchical distributed security framework. This framework will be able to detect cyber-attacks and represent the geographically distributed nature of real-time systems, where a large number of distributed nodes serve users.
ii) A new risk assessment model. This model quantitatively and accurately computes the entire security risk regardless of the shortcomings in IDS alert granularity. The model will be built on the fact that a complex or multi-stage attack is a sequence, e.g. a chain, of elementary attacks in which a threat agent acquires the privileges needed to carry out each attack through the previous attacks in the chain.
iii) An autonomous risk mitigation system. This system may or may not include a human in the loop, depending on the criticality of the system assets being protected. It yields high classification accuracy and a low false positive rate, and it selects the most appropriate set of response actions to protect the system assets against a particular attack.
Project 2: Attacks Detection in Smart Grid and SCADA Systems
Supervisory Control and Data Acquisition (SCADA) systems have become vital targets for intruders because of the large volume of their sensitive data. Cyber-Physical Power Systems (CPPS) are an example of these systems, in which deregulation and multipoint communication between consumers and utilities involve a large volume of high-speed heterogeneous data. The Non-Nested Generalized Exemplars (NNGE) algorithm is one of the most accurate classification techniques that can work with such CPPS data. However, the NNGE algorithm tends to produce rules that test a large number of input features. In this project, we introduce our new Feature Selection and Data Reduction Method (FSDRM) to improve the classification accuracy and speed of the NNGE algorithm and to reduce its computational resource consumption. FSDRM provides the following functionalities: (1) it reduces the dataset features by selecting the most significant ones, and (2) it reduces the NNGE’s hyperrectangle classifiers.
Project 3: Developing a Scalable Security Countering Cyber-Adversary in Critical Infrastructures
This research work is expected to have an impact on the robustness of critical infrastructures supporting power systems with respect to attacks on and vulnerabilities in Cyber-Physical Systems (CPS), which have recently been increasing. The consequences of such attacks can be catastrophic. A failure of a CPS may pose a safety risk to the environment and to people, and may reduce both revenue and return on investment. Despite ongoing efforts to secure and protect CPS, these critical infrastructure components remain vulnerable to recent, intensified, sophisticated attacks. With respect to the current state of the art, this project addresses the need for an advanced security system that identifies, assesses, and responds to attacks across large CPS in a scalable and autonomous way, with or without human intervention depending on the criticality of the CPS asset being protected.