Towards a secure and available smart grid using intrusion tolerance
IDCS'12 Proceedings of the 5th international conference on Internet and Distributed Computing Systems
| Hi-index | 0.00 |
The number of malware attacks is increasing, Companies have invested millions of dollars in intrusion detection and intrusion prevention (ID/IP) technologies and products, yet many web servers are hacked every year. The current reactive methods of security have proven to be inadequate because the “bad guys” are always one step ahead of the Intrusion Detection/Intrusion Prevention community. Our research seeks to prove the feasibility of a completely new and innovative theory of server security called “Self-Cleansing Intrusion Tolerance” (SCIT). SCIT shifts the focus from detection and prevention to containing losses. SCIT uses virtualization technology in a new and unique way to make it more difficult for attackers to do damage/acquire data by reducing a server’s exposure time from several months to less than a minute. In this way we increase the dependability of the server and provide a new way to balance the trade-off between security and availability. We have applied SCIT to multiple types of servers (DNS, SSO and Web), in this paper we will focus on securing web servers using SCIT. Based on the results ofload testing of a web application for various load scenarios under both scit and non-scit environments, we will clearly show that SCIT provides a high degree of security with little degradation in overall response time of the application.