AKD: Autonomic Knowledge Discovery for Security Vulnerability Prevention in Self-governing Systems

April 10, 2016



Project STIC-AMSUD - Edition 2014

Nowadays, computer vulnerabilities constitute one of the main entry points for security attacks, and vulnerability management mechanisms are therefore crucial for any computer system. At the same time, the paradigm of autonomic computing is increasingly gaining traction as a novel model for managing complex systems and networks. Previous scientific contributions have dealt with autonomic mechanisms for assessing and remediating vulnerabilities. However, these solutions are reactive by nature, and correcting security vulnerabilities may sometimes involve costly activities that can degrade the performance of the system and eventually contradict existing operational policies. This project instead targets the design and development of a novel autonomic approach able to proactively anticipate and prevent future vulnerable states. To that end, an efficient and intelligent use of the knowledge managed by self-governing entities becomes essential. Knowledge plays a central role in achieving autonomicity, as it captures what an autonomic system knows about itself, about the environment, and about the ways it can behave. Our goal is to take advantage of this knowledge, primarily using a conceptual knowledge discovery process (CKDP), in order to integrate anticipatory capabilities into the autonomic security plane. CKDP is a proposed extension of the standard knowledge discovery process, which has formal concept analysis (FCA) at its core. FCA has been used for several different applications of mining and knowledge management across multiple subdomains of computer science and bioinformatics. Some examples are organization, querying, browsing, search and prediction. The main goal of this project is the study of vulnerability anticipation mechanisms from the perspective of CKDP and FCA.
To do so, we consider a conceptual mapping between the autonomic control loop usually called MAPE (monitoring, analysis, planning, execution) and CKDP (data preparation, mining, interpretation/evaluation, deployment). This mapping raises intriguing questions about the consequences of applying well-known knowledge discovery techniques to autonomic-related problems and vice versa. The investigation of these consequences is one of the main goals of this work.

Within this project, we aim at creating bridges between two active research domains, autonomics and knowledge discovery, which are currently rather unfamiliar with each other but could greatly benefit from each other’s bodies of knowledge. Additionally, we target the integration of different research teams with distinct research focuses, allowing the exchange of ideas, knowledge and capabilities among them. Such research work can lay the ground for deeper scientific exchange involving different research domains such as computer security, artificial intelligence, network management, formal methods and software engineering. Conceived as a cross-domain scientific project, the results obtained from this multidisciplinary collaboration effort are expected to highly enrich both the involved research fields and the scientific community as a whole.

Research teams from Brazil, Chile, France and Uruguay participate in this project.