Cyber-security Monitoring for Future Computing Systems

22^nd April 2015, 11:00 Ashton Lecture Theater
Dr Jeff Rowe
Department of Computer Science
UC Davis
USA

Abstract

Cyber-security of systems is necessarily a broad and diverse discipline which involves a variety of computer science domains: cryptography, networking, operating systems, databases, machine learning and fault tolerance to name a few. One general cross-domain technique that has emerged is security monitoring. Although systems may not be verified beforehand, security properties can be recovered by monitoring their operating behavior at runtime. UC Davis has a long history in pioneering novel methods for system monitoring, primarily for detecting misuse and malicious attacks against traditional computing systems. Although the field of security monitoring is now relatively mature, several open problems still remain. How can one gain a level of assurance against attack techniques that are currently unknown? How does one choose and optimize the proper set of observables to monitor? How can practical runtime monitoring techniques be incorporated into a formal specification of a system’s security properties to provide strong security guarantees? In addition to securing traditional computer system, new security problems arise in the rapidly evolving cyber-physical system environment, as low cost computer control and communications are included in wide variety of everyday objects. How is security to be approached in domains as diverse as the electrical power grid, chemical plants, highway traffic infrastructure, automobiles, medical devices and the emerging Internet of Things? Dr. Rowe will describe his ongoing research to address these open problems in security and system monitoring for both traditional and emerging cyber-physical computing environments.