padlock at computer

Project: Provably Secure Self-Protecting Systems (PROSSES)

The PROSSES project will result in techniques and tools to create a protecting layer for software systems against attacks from the Internet.

The project was concluded in December 2019.

Project information

Project manager
Narges Khakpour
Other project members
Danny Weyns, Jesper Andersson, Charilaos Skandylas
Frantisek Mazura (visiting doctoral student), a few master and bachelor students
Participating organizations
Outpost24, Omegapoint
Financier
KK-stiftelsen (the Knowledge Foundation)
Timetable
1 Jan 2017-30 Dec 2019
Subject
Computer Science (Department of Computer Science and Media Technology, Faculty of Technology)

More about the project

The complexity, frequency and diversity of cyber-criminal attacks have rapidly increased over the past years. The attacks target individuals, companies, banks and the military and government agencies, causing several severe disruptions and consequences, e.g., stealing the personal records of 233 million users of eBay. With an increasing number of attacks and systems that become increasingly more adaptive and evolving, the protection mechanisms must subsequently evolve and be improved over time to face future attacks and dependability concerns. Reactive security techniques (like encryption, Intrusion Detection Systems (IDSs) etc.), although very useful, can no longer be solely effective in such dynamic environments. As such, self-protection against attacks and threats is becoming an indispensable need. A system needs robust and adaptive security mechanisms to defend and protect itself against threats. To achieve self-protection, a system must always monitor its own behaviour, analyze the gathered information to detect potential threats, plan a defense strategy to protect the system against detected attacks and prevent the potential security problems in future, and apply the planed defense strategy in the system. The design and analysis of such complex systems can only be managed with sophisticated techniques with a solid mathematical and logical basis, collectively known as formal methods. These methods are often supported by powerful tools to describe and analyze the system.

The goal of this project is developing a framework to design a component-based protecting layer for a system by focusing on confidentiality and integrity. We will develop techniques and tools to detect and predict potential attacks, and to protect the system against them by applying cost-effective countermeasures. We will demonstrate the framework applicability in practice by applying it on security-critical industrial systems.

Tools

In this project, we developed the toolset Symmaries in collaboration with Liverpool University to analyse (Java) programs and detect their security weaknesses. This toolset outperforms the state-of-the-art in terms of precision and offers scalable formal analysis.

It provides:

  • an engine for static analysis of programs,
  • a plugin to integrate the static analysis tool in Eclipse so that developers can use the tool to analyse security of their programs during development,
  • a module for generating a dynamic monitor for analysing applications security at runtime.

We also developed RESIST that is a self-protection engine to protect a system against multi-stage attacks that leverages security games, threat analysis and model checking techniques.

Publications for PROSSES

Theses at KTH

More information

Staff

Students

  • Visiting doctoral student: Frantisek Mazura, Bruno University of Technology, Czech Republic
  • MSc students: Goran Saman Nariman, Luyuan Zhang, Silvan Zeller,  Prasannjeet Singh
  • BSc students: Tanyi Frankeline, Aya Kathem, Phillip Lunyov, Alaa Alwan, Mustafa Alsaid, Marcello Vendruscolo

 

Image: CC0, https://pixabay.com/en/computer-security-padlock-hacker-1591018