A Model-Based Validated Autonomic Approach to Self-Protect Computing Systems

This paper introduces an autonomic model-based cyber security management approach for the Internet of Things (IoT) ecosystems. The approach aims at realizing a self-protecting system, which has the ability to autonomously estimate, detect, and react to cyber attacks at an early stage. Our approach integrates various model-based techniques including: 1) real-time estimation and baseline security controls to predict and eliminate potential cyber attacks; 2) data analysis to identify and classify attacks; and 3) a multicriteria optimization method to select the optimal active response for deploying countermeasures while maintaining system functions. The prototype framework has been developed with a master controller virtual machine, which can be configured for various platforms. Experimental results demonstrated the effectiveness of this proposed approach in protecting a Web-based application against known and unknown attacks with little or no human intervention.