Overview

Ultra-Dependable Computing research in the Computer Architecture Lab covers two topics: Self-Regenerating Systems and Distributed Processing Techniques to Combat Insider Risks. The work on Self-Regenerating systems is currently based on reconfigurable logic devices as described in the Evolvable Hardware research topic. Our research on the difficult problem of increasing robustness against insider risks is addressed using distributed agent-based approaches to network security as described here.

An insider-robust approach to file integrity verification is developed using interacting strata of mobile agents. Previous approaches relied upon monolithic architectures, or more recently, agent frameworks using a centralized control mechanism or common reporting repository. However, any such distinct tampering point introduces vulnerabilities, especially from knowledgeable insiders capable of abusing security-critical resources. In the Collaborative Object Notification Framework for Insider Defense using Autonomous Network Transactions (CONFIDANT), the mechanisms for tampering detection, decision-making, and alert signaling are corroborated by autonomous agents. All capabilities are distributed and transactions are interlocked by tamper-evident handshaking protocols. Moreover, the agent dispatch policies and travel itineraries are constructed dynamically in response to events throughout the network. Results show mitigation of Pacing, Altering Internal Data, and File Juggling tampering modes with a TME benchmark score of 103 out of 123 versus 65 and 59, respectively, for the existing analyzers Tripwire and AIDE.

Sponsors

• National Aeronautics and Space Administration (NASA) [Sponsor's Site] [Award Details]
• Lockheed Martin Information Systems [Sponsor's Site] [Award Details]
• National Security Agency [Sponsor's Site] [Award Details]

People

Faculty

Publications

Book Chapters

1. J. D. Lohn, G. Larchev, and R. F. DeMara, "Fault Recovery and Correctness Evaluation of Sequential Circuits using Genetic Algorithms,"in Advances in Machine Learning, Springer Verlag Heidelberg (to appear).
   [abstract] [pdf] [doc] [bibtex]

Journal Articles

1. A. J. Rocke and R. F. DeMara, “Mitigation of Insider Risks using Distributed Agent Detection, Filtering and Signaling,” accepted for publication in International Journal of Network Security on September 12, 2005, in press.
   [abstract] [pdf] [bibtex]
2. A. J. Rocke and R. F. DeMara, “CONFIDANT: Collaborative Object Notification Framework for Insider Defense using Autonomous Network Transactions,” accepted to Journal of Autonomous Agents and Multi-Agent Systems, on August 12, 2005, in press.
   [abstract] [pdf] [bibtex]
3. D. S. Carstens, P. McCauley-Bell, L. C. Malone, and R. F. DeMara, “Evaluation of the Human Impact of Password Authentication Practices on Information Security,” Informing Science Journal, Vol. 7, No. 1, August, 2004, pp. 67 – 85.
   [abstract] [pdf] [doc] [bibtex]
4. R. F. DeMara and A. J. Rocke, “Mitigation of Network Tampering Using Dynamic Dispatch of Mobile Agents,” Computers and Security, Vol. 23, No. 1, February, 2004, pp. 31 – 42.
   [abstract] [pdf] [bibtex]

Conference Proceedings

1. R. F. DeMara and K. Zhang, “Autonomous FPGA Fault Handling through Competitive Runtime Reconfiguration,” in Proceedings of the NASA/DoD Conference on Evolvable Hardware(EH’05), Washington D.C., U.S.A., June 29 – July 1, 2005.
   [abstract] [pdf] [ppt][bibtex]
2. R. F. DeMara and C. A. Sharma, “Self-Checking Fault Detection using Discrepancy Mirrors,” in Proceedings of the International Conference on Parallel and Distributed Processing Techniques and Applications (PDPTA’05), Las Vegas, Nevada, U.S.A, June 27 – 30, 2005.
   [abstract] [pdf] [ppt] [bibtex]
3. G. Wang, R. F. DeMara and A. J. Rocke, “Mobility-Enhanced File Integrity Analyzer For Networked Environments,” in Proceedings of the 9th World Multi-Conference on Systemics, Cybernetics and Informatics (WMSCI '05), Orlando, FL, July 10 – 13, 2005.
   [abstract] [pdf][pdf presentation] [bibtex]