Recovering from intrusions in distributed systems with DARE

Authors:
Taesoo Kim;Ramesh Chandra;Nickolai Zeldovich
Affiliations:
MIT CSAIL;MIT CSAIL;MIT CSAIL
Venue:
APSys'12 Proceedings of the Third ACM SIGOPS Asia-Pacific conference on Systems
Year:
2012

Citing 6
Cited 0

Backtracking intrusions

ACM Transactions on Computer Systems (TOCS)
Vigilante: end-to-end containment of internet worms

Proceedings of the twentieth ACM symposium on Operating systems principles
Heat-ray: combating identity snowball attacks using machinelearning, combinatorial optimization and attack graphs

Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Intrusion recovery using selective re-execution

OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Intrusion recovery for database-backed web applications

SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Retroactive auditing

Proceedings of the Second Asia-Pacific Workshop on Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

DARE is a system that recovers system integrity after intrusions that spread between machines in a distributed system. DARE extends the rollback-and-reexecute recovery model of Retro [14] to distributed system recovery by solving the following challenges: tracking dependencies across machines, repairing network connections, minimizing distributed repair, and dealing with long-running daemon processes. This paper describes an early prototype of DARE, presents some preliminary results, and discusses open problems.