A Self-Protection Agent Using Error Correcting Output Codes to Secure Computers and Applications

Fabian De La Peña Montero, Salim Hariri, Gregory DItzler

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Scopus citations

Abstract

The human immune system is incredibly efficient at identifying self- and non-self entities in our bodies. A non-self entity (malicious), once identified, is attacked by particular types of cells to remove the intruder before it can cause damage. Our immune system has components that identify not only non-self entities but also recall old entities that may not have been encountered for a very long time, but it is still essential that these entities be correctly classified as malicious. The domain of cybersecurity can significantly benefit from having a framework that can identify, react and adapt to malicious behaviors. Such a model for cyber protection should draw a parallel to our immune system, at least at a high level. In this work, we present a flexible framework that leverages machine learning to identify malicious behaviors that are threats to users, computers, and applications in a network. The proposed framework relies on the collection and aggregation of information relevant to identifying such malicious behaviors, machine learning - to learn and identify non-self behaviors automatically, and an adaptation mechanism to incorporate new threats for future classification. We benchmarked the proposed approach on a data set collected from multiple users, computer and applications, and we show that attacks (i.e., non-self behaviors) can be identified and mitigated through software. We compared classification models that perform binary classification (i.e., self or non-self), as well as multi-class predictions (i.e., what type of non-self behavior is detected).

Original languageEnglish (US)
Title of host publicationProceedings - 2017 IEEE International Conference on Cloud and Autonomic Computing, ICCAC 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages58-68
Number of pages11
ISBN (Electronic)9781538619391
DOIs
StatePublished - Oct 9 2017
Event4th IEEE International Conference on Cloud and Autonomic Computing, ICCAC 2017 - Tucson, United States
Duration: Sep 18 2017Sep 22 2017

Publication series

NameProceedings - 2017 IEEE International Conference on Cloud and Autonomic Computing, ICCAC 2017

Other

Other4th IEEE International Conference on Cloud and Autonomic Computing, ICCAC 2017
Country/TerritoryUnited States
CityTucson
Period9/18/179/22/17

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Control and Optimization

Fingerprint

Dive into the research topics of 'A Self-Protection Agent Using Error Correcting Output Codes to Secure Computers and Applications'. Together they form a unique fingerprint.

Cite this