A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior
IEEE Transactions on Software Engineering
Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security
IEEE Transactions on Software Engineering
The Vision of Autonomic Computing
Computer
Modeling and Quantification of Security Attributes of Software Systems
DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
A method for modeling and quantifying the security attributes of intrusion tolerant systems
Performance Evaluation - Dependable systems and networks-performance and dependability symposium (DSN-PDS) 2002: Selected papers
Basic Concepts and Taxonomy of Dependable and Secure Computing
IEEE Transactions on Dependable and Secure Computing
Security analysis of SITAR intrusion tolerance system
Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security
Availability Analysis of a Scalable Intrusion Tolerant Architecture with Two Detection Modes
CloudCom '09 Proceedings of the 1st International Conference on Cloud Computing
EUC'07 Proceedings of the 2007 conference on Emerging direction in embedded and ubiquitous computing
Optimizing security measures in an intrusion tolerant database system
ISAS'08 Proceedings of the 5th international conference on Service availability
Towards autonomic mode control of a scalable intrusion tolerant architecture
ATC'10 Proceedings of the 7th international conference on Autonomic and trusted computing
Availability analysis of an IMS-based VoIP network system
ICCSA'10 Proceedings of the 2010 international conference on Computational Science and Its Applications - Volume Part IV
A self-healing mechanism for an intrusion tolerance system
TrustBus'05 Proceedings of the Second international conference on Trust, Privacy, and Security in Digital Business
Modeling and evaluating the survivability of an intrusion tolerant database system
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Environmental diversity techniques of software systems
FGIT'11 Proceedings of the Third international conference on Future Generation Information Technology
Foreword: Special Issue on Multidisciplinary Emerging Networks and Systems
Journal of Computer and System Sciences
Trustworthy placements: Improving quality and resilience in collaborative attack detection
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
In this paper we consider an intrusion tolerant system with two detection modes; automatic detection mode and manual detection mode for intrusions, which is called SITAR (Scalable Intrusion Tolerant Architecture), and describe the dynamic transition behavior by a continuous-time semi-Markov chain (CTSMC). Based on the embedded Markov chain (EMC) approach, we derive the steady-state probability of the CTSMC, the steady-state system availability and the mean time to security failure (MTTSF). Especially, we show necessary and sufficient conditions to exist the optimal switching time from an automatic detection mode to a manual detection mode, which maximizes the steady-state system availability. Next, we develop an adaptive mode control scheme to estimate the optimal switching time without specifying the associated probability distribution function, whose idea behind is based on a statistically non-parametric algorithm by means of the total time on test concept. Numerical examples through a comprehensive simulation study are presented for illustrating the optimal switching of detection mode, and investigating the asymptotic property of the resulting adaptive mode control scheme.