CIPART - Cloud Intelligent Protection at Run-Time

Keyboard

Principal Investigator (Business School): Dr Catherine Mulligan

Researchers: Konstantina Spanaki and Zeynep Gurguc

Research Partners: The Department of Computing

Funder: EPSRC

Duration: July 2014 – July 2017

Organisations of all sizes increasingly rely upon cloud environments to supply their ICT needs and will continue as data is increasingly collected from mobile devices and smart environments including homes, infrastructures and smart-cities. Clouds are consequently an attractive and vulnerable target for organised and skilled cyber-attacks as they tend to host multiple tenant organisations with different interests and different risk aversion profiles. Yet clouds also offer opportunities for better protection both pro-actively and reactively in response to a persistent attack which this project will investigate.

The research team at Imperial will also consider the business models and incentives involved in the relationships between cloud tenants and hosting organisations, proposing new models for secure information exchange to simplify security management and provide better protection.  By combining fundamental research with practical experimentation and evaluation this project will provide insight into specific trade-offs that are key for future research and development in this area. In particular, an understanding of the balance between pro-active and reactive security measures in cloud environments and the trade-off between attack graph generation complexity and scaleability of analysis are fundamental both for technology development and for business model development.

This project will:

  • Define novel dynamic techniques to integrate security techniques with systems management information for better protection and develop new techniques to simplify analysis of the security posture.
  • Combine fundamental research with deployment and evaluation in a concrete industrial test-bed.  Empirical experimentation and evaluation are necessary and must happen concurrently with the development of new solutions. We aim to better understanding the empirical complexity of algorithms for logic based reasoning, probabilistic analysis and reinforcement learning when applied in a concrete industrial test environment and address the trade-off between pro-active and reactive protection in an experimental setting using new algorithms.
  • Place the work within a business context and in particular to review and investigate business models for the provision of security services in cloud environments and to propose new models that facilitate collaboration and exchange of security relevant information between tenants and cloud providers.