Proactive recovery approach for intrusion tolerance with dynamic configuration of physical and virtual replicas

Authors:
Feng Zhao;Min Li;Weizhong Qiang;Hai Jin;Deqing Zou;Qin Zhang
Affiliations:
Services Computing Technology and System Lab, Cluster and Grid Computing Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China;Services Computing Technology and System Lab, Cluster and Grid Computing Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China;Services Computing Technology and System Lab, Cluster and Grid Computing Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China;Services Computing Technology and System Lab, Cluster and Grid Computing Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China;Services Computing Technology and System Lab, Cluster and Grid Computing Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China;Services Computing Technology and System Lab, Cluster and Grid Computing Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China
Venue:
Security and Communication Networks
Year:
2012

Citing 16
Cited 0

COCA: A secure distributed online certification authority

ACM Transactions on Computer Systems (TOCS)
Practical byzantine fault tolerance and proactive recovery

ACM Transactions on Computer Systems (TOCS)
Asynchronous verifiable secret sharing and proactive cryptosystems

Proceedings of the 9th ACM conference on Computer and communications security
Intrusion-Tolerant Enclaves

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Xen and the art of virtualization

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
CODEX: A Robust and Secure Secret Distribution System

IEEE Transactions on Dependable and Secure Computing
Guest Editors' Introduction: Resource Virtualization Renaissance

Computer
Rethinking the Design of Virtual Machine Monitors

Computer
Proactive Resilience Revisited: The Delicate Balance Between Resisting Intrusions and Remaining Available

SRDS '06 Proceedings of the 25th IEEE Symposium on Reliable Distributed Systems
A Fast Rejuvenation Technique for Server Consolidation with Virtual Machines

DSN '07 Proceedings of the 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks
Hypervisor-Based Efficient Proactive Recovery

SRDS '07 Proceedings of the 26th IEEE International Symposium on Reliable Distributed Systems
Diverse replication for single-machine Byzantine-fault tolerance

ATC'08 USENIX 2008 Annual Technical Conference on Annual Technical Conference
FOREVER: Fault/intrusiOn REmoVal through Evolution & Recovery

Proceedings of the ACM/IFIP/USENIX Middleware '08 Conference Companion
Highly Available Intrusion-Tolerant Services with Proactive-Reactive Recovery

IEEE Transactions on Parallel and Distributed Systems
Proactive obfuscation

ACM Transactions on Computer Systems (TOCS)
Multichannel clock and data recovery: a synchronous approach

IEEE Transactions on Circuits and Systems II: Express Briefs

Quantified Score

Hi-index	0.00

Visualization

Abstract

Proactive recovery mechanism has been widely used in building intrusion-tolerant systems that are able to tolerate an arbitrary number of faults. However, previous proactive recovery methods seldom consider the dynamic in attacking power that may cause the increase in fault rate, resulting unguaranteed service availability. This paper describes an approach for tolerating intrusions, or more precisely, damages to replicated data, through dynamic configuration of physical and virtual replicas, which follows a general approach called proactive recovery, and proposes to dynamically adjust recovery frequency to handle potentially changing fault rate. This dynamic proactive recovery method takes the dynamic changes of attaching power into consideration to avoid/minimize the effect of intrusions. Our method is especially effective and useful in intrusion tolerance with physical replicas: it dynamically provides virtual replicas during rejuvenation phase. Copyright © 2012 John Wiley & Sons, Ltd.