Abstract
Addressing security misconfiguration in complex distributed systems, such as networked Industrial Control Systems (ICS) and Internet of Things (IoT) is challenging. Owners and operators must go beyond tuning parameters of individual components and consider the security implications of configuration changes on entire systems. Given the growing scale of cyber systems, this task must be highly automated. Unfortunately, prior work on configuration errors has largely ignored the security impact of configurations of connected components. To address this gap, we present SCIBORG, a framework that improves the security posture of distributed systems by examining the impact of configuration changes across interdependent components using a graph-based model of the system and its vulnerabilities. It formulates a Constraint Satisfaction Problem from the graph-based model and uses an SMT solver to find optimal configuration parameter values that minimize the impact of attacks while preserving system functionality. SCIBORG also provides supporting evidence for the proposed configuration changes. We evaluate SCIBORG on an IoT testbed.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
