Evaluating the Emergent Effects of (Multiple) Security Mechanisms via Evolutionary Algorithms

dc.contributor.advisorDenzinger, Jörg
dc.contributor.authorHudson, Jonathan William
dc.contributor.committeememberWilliamson, Carey L.
dc.contributor.committeememberSafavi-Naeini, Reyhaneh
dc.date2019-06
dc.date.accessioned2018-12-03T17:40:30Z
dc.date.available2018-12-03T17:40:30Z
dc.date.issued2018-11-30
dc.description.abstractSecurity mechanisms provide protection against system penetration and exploitation by providing coverage for vulnerabilities. However, security mechanisms often have demanding operational requirements that necessitate access to system resources and control of monitoring points. At the same time, users have particular requirements from programs they install, how they interact with these programs, and what performance they expect from their computing system. These combined requirements create a selection problem where the user desires to balance security coverage, through a choice of security mechanism(s), with system performance and functionality. This problem is known as the Effective Security-in-Depth problem. First, this thesis introduces a genetic algorithm to enable an evolutionary search for interaction event sequences for the problem of Effective Security-in-Depth. This methodology required the development of a fitness function that integrated numerous system metrics while addressing the variance found in event sequence simulation and measurement. Next, the steps for effectively implementing this methodology as a software tool are described. Finally, this thesis introduces three processes to use the tool to select between single security mechanisms for different usage profiles, compare and contrast subsets of security mechanisms, and evaluate examples of emergent misbehaviour such as system failure. The initial experimental evaluation validates the ability of the search for interaction event sequences to make progress despite the challenges of stochastic system measurement. The remaining experimental evaluations demonstrate the success of an application of each of the three processes. The evaluation supports that the developed method, tool, and processes are a viable solution to the problem of Effective Security-in-Depth.en_US
dc.identifier.citationHudson, J. W. (2018). Evaluating the Emergent Effects of (Multiple) Security Mechanisms via Evolutionary Algorithms (Doctoral thesis, University of Calgary, Calgary, Canada). Retrieved from https://prism.ucalgary.ca. doi:10.11575/PRISM/34670en_US
dc.identifier.doihttp://dx.doi.org/10.11575/PRISM/34670
dc.identifier.urihttp://hdl.handle.net/1880/109218
dc.language.isoeng
dc.publisher.facultyGraduate Studies
dc.publisher.facultyScience
dc.publisher.institutionUniversity of Calgaryen
dc.publisher.placeCalgaryen
dc.rightsUniversity of Calgary graduate students retain copyright ownership and moral rights for their thesis. You may use this material in any way that is permitted by the Copyright Act or through licensing that has been assigned to the document. For uses that are not allowable under copyright legislation or licensing, you are required to seek permission.
dc.subject.classificationComputer Scienceen_US
dc.titleEvaluating the Emergent Effects of (Multiple) Security Mechanisms via Evolutionary Algorithms
dc.typedoctoral thesis
thesis.degree.disciplineComputer Science
thesis.degree.grantorUniversity of Calgary
thesis.degree.nameDoctor of Philosophy (PhD)
ucalgary.item.requestcopytrue
Files
Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
ucalgary_2018_hudson_jonathan.pdf
Size:
5.26 MB
Format:
Adobe Portable Document Format
Description:
Ph.D. Thesis
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.74 KB
Format:
Item-specific license agreed upon to submission
Description: