Resilience is a relatively new concept in computer security that is continuing to evolve. The research community has not settled on an exact definition for resilience, but most agree that this security property should include resistance to attack, damage recovery, and the ability for a system to learn and better resist such an attack in the future. Much of the existing research has focused on resilience solely in terms of availability, or in defining metrics to describe and compare the resilience of systems. The goal of this dissertation is not only to explore the possibility of a more general framework for resilience, but also to analyze the effectiveness of methods and technologies that can be used to measure and provide resilience.
The dissertation begins by covering common elements of computer security, providing examples, addressing vulnerabilities and exploits, and suggesting potential solutions. In later sections, we examine the feasibility of the proposed solutions. Alternative solutions are compared in the context of a network’s priorities, abilities, and dependencies. Our work is inspired by the need for better security metrics in order to quantitatively evaluate and compare different systems and networks. A robust set of metrics that describe the security and recovery features of systems can provide a foundation for at least two key concepts: a network resilience communication protocol and a resilience testing framework. The communication protocol could help network administrators maintain and improve the resilience of their networks. It would facilitate communication between systems on the network so that potential threats can be quickly identified and so that changes can be made autonomously to reduce the impact of a threat without the need for human intervention. The testing framework can be used to test a system’s resilience to specific attacks, packaged as portable modules. Network administrators can use data and visualization results of this framework to make informed decisions about how to improve their resilience. The communication protocol may be able to analyze results from the testing framework to improve a network’s resilience. The goal of these two projects would be to develop solutions that can improve the resilience of networks in general, taking into account their size, security requirements, and critical functions.