Cyber as a Service: Automating First Responders’ Service in the Cyberspace

Abstract

Due to increasing number of attacks in the cyberspace that deals with different types of users, it is imperative that an automated responder service will be efficient to help the users detect and mitigate different types of attacks in their systems. In this research, we propose to replicate the framework of emergency responder service (911) of the physical space to the cyberspace. Towards this we propose a framework for Cyber-as-a-Service for end-users. In our proposed model, we have three entities: the Dispatch Center, the Guard, and the Client Software. These entities will communicate with each other to detect and extinguish any malicious activity on the host computer. The host machine will run a software that scans and detects any abnormal or malicious activity and communicates this activity to the Guard, which then replies with an executable resolution back to the host. Meanwhile, the Dispatch Center manages connections between hosts and Guards to ensure that hosts are connected to the optimal Guard. We propose algorithms that will place and distribute the Dispatch Center and the Guards. These algorithms allow for fair distribution of Guards, as well as balance the workload among the Guards. We propose the communication protocol that will take place between the Client software, Guards and the Dispatch Center. Our goal is to design the framework for Cyber-as-a-Service for everyday users in the cyberspace who do not have sufficient technical skills to manage tools to detect different attacks.