Autonomic Security is a 2-year project financed by the Italian Ministry of Education, University and Research (MIUR) under the PRIN 2008 programme. The goal of this project is to develop innovative algorithms and frameworks for the construction of large-scale, decentralized autonomic distributed systems. We understand that this goal is overly ambitious for a 2-year project, so we focus on two tasks:
- Task 1: we will perform foundational research on self-* properties on decentralized distributed systems, with three subgoals: investigating the notion of "self", trying to making self-* properties emerge from the local interactions of a large number of nodes; studying predictive models for large-scale distributed systems, based on (potentially on-line) distributed data mining algorithms; and finally, developing a methodological framework for the design and realization of large-scale decentralized distributed systems.
- Task 2: we will apply the results of our research to one specific aspect, namely self-protection against botnets. Self-protection is especially challenging, since a dangerous threat could emerge from node behaviors that have nothing abnormal from a local perspective. The modeling techniques developed in the previous task will help us to model botnets and their behavior; the methodological framework will provide us with techniques to react opportunely to the botnet threat. For example, when a distributed denial of service attack is detected, the system could produce a corresponding firewall protection policy, to be deployed according to the local context of nodes or subnets.