April 11, 2007
Journal Article

From Intrusion Detection to Self Protection

Abstract

Modern computer systems have become so complex and interdependent that the traditional model of system defense, utilizing layers and including an intrusion detection system that provides alerts to a human who responds to them, is becoming unfeasible. Effective human-guided real-time responses are no longer a reasonable expectation for large-scale systems; this is particularly troublesome because a failure to respond correctly and rapidly can have disastrous consequences. In an ideal world, our systems would automatically detect and respond to threats of all kinds, including but not limited to automated attacks, human-guided attacks, and the constant onslaught of unsolicited email (spam). Traditionally, these threats have been dealt with by separate communities: the anti-virus community, the intrusion-detection/firewall community, and the anti-spam community. Today, however, we see an increasing need for integrating different technologies toward achieving a common goal. In this special issue, we surveyed the research community with the intent of identifying novel, multidisciplinary and integrated approaches to system defense that contribute towards development of true self-protecting and self-healing systems. The result is reflected in the articles we selected.

Revised: February 8, 2007 | Published: April 11, 2007

Citation

Frincke D., A. Wespi, and D. Zamboni. 2007. From Intrusion Detection to Self Protection. Computer Networks 51, no. 5:1233-1238. PNNL-SA-52313.