Contributions to Cyber Attacks Mitigation: from Cost-Effective Security Hardening to Autonomic Defense

HdR defense of Zonghua Zhang

Title: Contributions to Cyber Attacks Mitigation: from Cost-Effective Security Hardening to Autonomic Defense
Time & Date: 13H15, June 10, 2015
Venue: Room A003, Télécom SudParis, Évry

Committee:

M. Frédéric Cuppens, Professor of Télécom Bretagne, France (Rapporteur)
M. Hervé Debar, Professor of Télécom SudParis, France (Examinateur)
M. Javier Lopez, Professor of Universidad de Málaga, Spain (Rapporteur)
M. Guy Pujolle, Professor of Université Pierre et Marie Curie, France (Examinateur)
M. Farid Naït-Abdesselam, Professor of Université Paris Descartes, France (Examinateur)
M. Xun Yi, Professor of RMIT University, Australia (Rapporteur)

Abstract: This report summarizes my major research results on cyber attack mitigation. Rather than preventing attacks from occurring, which is widely recognized to be infeasible in practice, attack mitigation aims at lessening the impact of, if not completely stopping, an inevitable attack based on its early detection. In other words, attack mitigation mechanisms need to ensure that the performance of network functions or services is maintained at a satisfactory level despite ongoing attacks. The implications of attack mitigation vary with the target scenario, which in turn determines different design objectives and deployment strategies. In this report, three network scenarios are considered, namely traditional enterprise networks, wireless ad hoc networks, and Software-Defined Networking (SDN). Specifically, in enterprise networks, our design purpose is to achieve cost-effective security hardening by balancing the tradeoff between network maintenance cost, which is incurred by adopting mitigation countermeasures, and failure cost, which results from successful attacks. The second part delivers our contribution on designing self-defense mechanisms for wireless ad hoc networks, which are fundamentally required to be fully distributed, lightweight, cross-layer, and adaptive. In the third part, I demonstrate our ambition of building autonomic defense mechanisms by exploring SDN technologies. The final part of this report presents my research experiences and lessons learned, as well as my research perspectives. To keep this report concise and coherent, only digests of a couple of representative works for each scenario are presented; further details can be found in the corresponding published research articles.