Abstracting the geniuses away from failure testing

Alvaro, Peter; Tymon, Severine

doi:10.1145/3152483

Cited by 8 publications

(10 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Chaos Monkey [45]. Another advantage of using attack graphs is they aid automation, and reduce the need for security experts and chaos engineering experts as noted by Alvaro et.al [46]. We leverage the graph generation feature of Terraform 8 to construct attack graphs ( Figure 6), which are then further processed using GraphViz-Java 9 , a Java implementation of the of GraphViz.…”

Section: ) Attack Graphsmentioning

confidence: 99%

CloudStrike: Chaos Engineering for Security and Resiliency in Cloud Infrastructure

et al. 2020

View full text Add to dashboard Cite

Most cyber-attacks and data breaches in cloud infrastructure are due to human errors and misconfiguration vulnerabilities. Cloud customer-centric tools are imperative for mitigating these issues, however existing cloud security models are largely unable to tackle these security challenges. Therefore, novel security mechanisms are imperative, we propose Risk-driven Fault Injection (RDFI) techniques to address these challenges. RDFI applies the principles of chaos engineering to cloud security and leverages feedback loops to execute, monitor, analyze and plan security fault injection campaigns, based on a knowledge-base. The knowledge-base consists of fault models designed from secure baselines, cloud security best practices and observations derived during iterative fault injection campaigns. These observations are helpful for identifying vulnerabilities while verifying the correctness of security attributes (integrity, confidentiality and availability). Furthermore, RDFI proactively supports risk analysis and security hardening efforts by sharing security information with security mechanisms. We have designed and implemented the RDFI strategies including various chaos engineering algorithms as a software tool: CloudStrike. Several evaluations have been conducted with CloudStrike against infrastructure deployed on two major public cloud infrastructure: Amazon Web Services and Google Cloud Platform. The time performance linearly increases, proportional to increasing attack rates. Also, the analysis of vulnerabilities detected via security fault injection has been used to harden the security of cloud resources to demonstrate the effectiveness of the security information provided by CloudStrike. Therefore, we opine that our approaches are suitable for overcoming contemporary cloud security issues.

show abstract

Section: ) Attack Graphsmentioning

confidence: 99%

CloudStrike: Chaos Engineering for Security and Resiliency in Cloud Infrastructure

et al. 2020

View full text Add to dashboard Cite

show abstract

“…Chaos Monkey [43]. Another advantage of using attack graphs is they aid automation, and reduce the need for security experts and chaos engineering experts as noted by Alvaro et.al [44]. We leverage the graph generation feature of Terraform 10 to construct attack graphs ( Figure 6), which are then further processed using GraphViz-Java 11 , a Java implementation of the of GraphViz.…”

Section: Fault Modelsmentioning

confidence: 99%

Cloudstrike: Chaos Engineering for Security and Resiliency in Cloud Infrastructure

Torkura¹

2020

Preprint

View full text Add to dashboard Cite

<div>Most cyber-attacks and data breaches in cloud</div><div>infrastructure are due to human errors and misconfiguration</div><div>vulnerabilities. Cloud customer-centric tools are lacking, and existing</div><div>security models do not efficiently tackle these security challenges.</div><div>Novel security mechanisms are imperative, therefore, we</div><div>propose Risk-driven Fault Injection (RDFI) techniques to tackle</div><div>these challenges. RDFI applies the principles of chaos engineering</div><div>to cloud security and leverages feedback loops to execute, monitor,</div><div>analyze and plan security fault injection campaigns, based on</div><div>a knowledge-base. The knowledge-base consists of fault models</div><div>designed from cloud security best practices and observations</div><div>derived during iterative fault injection campaigns. Furthermore,</div><div>the observations indicate security weaknesses and verify the</div><div>correctness of security attributes (integrity, confidentiality and</div><div>availability) and security controls. Ultimately this knowledge is</div><div>critical in guiding security hardening efforts and risk analysis.</div><div>We have designed and implemented the RDFI strategies including</div><div>various chaos algorithms as a software tool: CloudStrike. Furthermore,</div><div>CloudStrike has been evaluated against infrastructure</div><div>deployed on two major public cloud systems: Amazon Web Service</div><div>and Google Cloud Platform. The time performance linearly</div><div>increases, proportional to increasing attack rates. Similarly, CPU</div><div>and memory consumption rates are acceptable. Also, the analysis</div><div>of vulnerabilities detected via security fault injection has been</div><div>used to harden the security of cloud resources to demonstrate the</div><div>value of CloudStrike. Therefore, we opine that our approaches</div><div>are suitable for overcoming contemporary cloud security issues</div>

show abstract

“…The dup [2,3] syscall duplicates a file descriptor so that the process can use two different file descriptors to access the same open file. SPADE and CamFlow do not record this call directly, but the changes to the process's file descriptor state can affect future file system calls that are monitored.…”

Section: File Systemmentioning

confidence: 99%

“…for reproducibility [28], dependability [3], and regulatory compliance [30], and it is increasingly being used for security, through forensic audit [33] or online dynamic detection of malicious behavior [16,17]. To cater to the requirements of different use-cases, there are many system-level provenance capture systems in the literature, such as PASS [23], Hi-Fi [31], SPADE [12], OPUS [5], LPM [6], Inspector [32], and CamFlow [26] covering a variety of operating systems from Linux and BSD to Android and Windows.…”

mentioning

confidence: 99%

ProvMark

Chan

Cheney

Bhatotia

et al. 2019

Proceedings of the 20th International Middleware Conference

View full text Add to dashboard Cite

System level provenance is of widespread interest for applications such as security enforcement and information protection. However, testing the correctness or completeness of provenance capture tools is challenging and currently done manually. In some cases there is not even a clear consensus about what behavior is correct. We present an automated tool, ProvMark, that uses an existing provenance system as a black box and reliably identifies the provenance graph structure recorded for a given activity, by a reduction to subgraph isomorphism problems handled by an external solver. ProvMark is a beginning step in the much needed area of testing and comparing the expressiveness of provenance systems. We demonstrate ProvMark's usefuless in comparing three capture systems with different architectures and distinct design philosophies. CCS Concepts• Applied computing → System forensics; • Software and its engineering → Operating systems; Software verification and validation; • Computing methodologies → Logic programming and answer set programming.

show abstract

Abstracting the geniuses away from failure testing

Abstract: Ordinary users need tools that automate the selection of custom-tailored faults to inject.

Cited by 8 publications

References 21 publications

CloudStrike: Chaos Engineering for Security and Resiliency in Cloud Infrastructure

CloudStrike: Chaos Engineering for Security and Resiliency in Cloud Infrastructure

Cloudstrike: Chaos Engineering for Security and Resiliency in Cloud Infrastructure

ProvMark

Contact Info

Product

Resources

About