OSCTI-driven Security Assessment for Self-Adaptive Systems
|
Typ | Masterarbeit |
|---|---|---|
| Aushang | Master_Security Assessment_for_SAS.pdf | |
| Betreuer | Wenden Sie sich bei Interesse oder Fragen bitte an: Lin Cui (E-Mail: lin.cui@kit.edu), Raffaela Mirandola (E-Mail: raffaela.mirandola@kit.edu) |
Motivation
Self-adaptive systems (SAS) are designed to autonomously adjust their behavior in response to dynamic changes in external environments or internal system states. Their interaction with unpredictable, open environments significantly broadens their attack surfaces, making them highly vulnerable to threats. However, SAS is widely utilized in critical domains such as autonomous driving, manufacturing, energy, healthcare, critical infrastructure, etc., where any compromise can lead to catastrophic consequences. It is of paramount importance to ensure the security of SAS. This thesis's primary objective is to improve SAS's security through designing real-time security assessment methodologies based on Open Source Cyber Threat Intelligence (OSCTI, real-time updatable open-source information about potential or existing cyber threats), in order to guide the adaptation option selection process of SAS in runtime. This thesis offers a unique opportunity to advance expertise in both SAS and security. By contributing, you can develop practical problem-solving skills for addressing real-world industry challenges.
Tasks
- Investigate sources of OSCTI.
- Develop a OSCTI mining pipeline into the Knowledge base of SAS based on existing codes.
- Design a security assessment method combining OSCTI for SAS.
- Evaluate the method's performance in ensuring the SAS's security.
Tools/Technology
- Python, CTI, Natural language processing (NLP), Attack Graph (AG)
Benifits
- Working with cutting-edge and innovative technologies
- Close connection to on-going/current research project
- Very good working environment and intensive support