| |
[Download
PDF here!]
Authors: Howard Shrobe,
Robert Laddaga, Bob Balzer, Neil Goldman,
Dave Wile,
Marcelo Tallis, Tim Hollebeek, Alexander Egyed
Information systems form the backbones of the critical infrastructures of
modern societies. Unfortunately, these systems are highly vulnerable to
attacks that can result in enormous damage. Furthermore, traditional
approaches to information security have not provided all the protections
necessary to defeat and recover from a concerted attack; in particular, they
are largely irrelevant to the problem of defending against attacks launched
by insiders.
This
paper describes two related systems PMOP and AWDRAT that were developed
during the DARPA Self Regenerative Systems program. PMOP defends against
insider attacks while AWDRAT is intended to detect compromises to software
systems. Both rely on self-monitoring, diagnosis and self-adaptation. We
describe both systems and show the results of experiments with each.
|
|