With the funding from the Defense Advanced Research Projects Agency (DARPA), a team led by Professor Martin Rinard, a principal investigator at CSAIL and leader of the Cloud Intrusion Detection and Repair project from the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) aim to develop a smart, self-healing cloud computing infrastructure that would be able to identify the nature of an attack almost instantaneously.
Cloud computing has become completely ubiquitous, spawning hundreds of new web based services, platforms for building applications, and new types of businesses and companies. However, the freedom, fluidity and dynamic platform that cloud computing provide also makes it particularly vulnerable to cyber attacks. And because the cloud is a shared infrastructure, the consequences of such attacks can be extremely serious.
Cyber attacks mainly force the shutdown of the entire system, than whether the attack would be on a personal computer, a business website or an entire network. The team is aiming to examine the normal operations of the cloud to create guidelines for how it should look and function, drawing up the model so that cloud can identify it when an attack is underway.
“Much like the human body has a monitoring system that can detect when everything is running normally, our hypothesis is that a successful attack appears as an anomaly in the normal operating activity of the system,” said Rinard. “By observing the execution of a ‘normal’ cloud system we’re going to the heart of what we want to preserve about the system, which should hopefully keep the cloud safe from attack.”
“Our goal is to observe and understand the normal operation of the cloud, then when something out of the ordinary happens, take actions that steer the cloud back into its normal operating mode,” said Rinard. “Our expectation is that if we can do this, the cloud will survive the attack and keep operating without a problem.”
Professor Rinard explains that a major problem with today’s cloud computing infrastructures is the lack of a thorough understanding of how they operate. His research aims to identify systemic effects of different behavior on cloud computing systems for clues about how to prevent future attacks.