SCIT and IDS architectures for reduced data ex-filtration

  • Authors: Ajay Nagarajan; Arun Sood
  • Affiliations: International Cyber Center and Department of Computer Science, George Mason University, Fairfax, VA (both authors)
  • Venue: DSNW '10 Proceedings of the 2010 International Conference on Dependable Systems and Networks Workshops (DSN-W)
  • Year: 2010

Quantified Score

Hi-index 0.01

Abstract

Today's approach to security is based on perimeter defense and relies heavily on firewalls, intrusion detection systems (IDS) and intrusion prevention systems. Despite years of research and investment in developing such reactive security methodologies, our critical systems remain vulnerable to cyber attacks. In our approach we assume that intrusions are inevitable and our effort is focused on minimizing losses. Towards this end we have introduced a recovery-based, limited-exposure-time system called Self Cleansing Intrusion Tolerance (SCIT). In this paper, we investigate architectures that combine the SCIT architecture with existing IDS approaches. The effectiveness of SCIT and IDS security architectures in terms of minimizing data ex-filtration losses is analyzed using decision trees, and the results of Monte Carlo simulation are presented.