System impact characteristics of cyber services, security mechanisms, and attacks with implications in cyber system survivability

Abstract

Three types of activities may run on computer and network systems at the same time: services, security mechanisms, and attacks. Computer and network systems should sustain legitimate cyber services even under attacks. In this study, system impacts of services, security mechanisms and attacks are investigated and used to develop strategies for system survivability. Experiments are conducted to collect system dynamics data under two services of voice communication and motion detection, two security mechanisms of data encryption and intrusion detection, and five cyber attacks. Statistical analyses are performed on the experimental data to identify system-wide impacts of services, security mechanisms and attacks on system activities, state and performance. The analytical results reveal the system impact characteristics of these services, security mechanisms, and attacks on IO and file operations and bytes, page and cache faults, memory usage, CPU usage, and network traffic. The competition for system resources by all the activities in the system manifests themselves predominantly in their competition for limited CPU time. This competition for limited CPU time can be used as a strategy to ensure system survivability by increasing the activity level of legitimate services to leave less CPU time for attacks and thus suppress the level and system impacts of attacks while sustaining CPU time for legitimate services.