Computer viruses: theory and experiments
Computers and Security
How to withstand mobile virus attacks (extended abstract)
PODC '91 Proceedings of the tenth annual ACM symposium on Principles of distributed computing
How to share a function securely
STOC '94 Proceedings of the twenty-sixth annual ACM symposium on Theory of computing
Proactive public key and signature systems
Proceedings of the 4th ACM conference on Computer and communications security
Communications of the ACM
An Abstract Theory of Computer Viruses
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Proactive Secret Sharing Or: How to Cope With Perpetual Leakage
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Distributed Public Key Cryptosystems
PKC '98 Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
A practical scheme for non-interactive verifiable secret sharing
SFCS '87 Proceedings of the 28th Annual Symposium on Foundations of Computer Science
Conditional oblivious transfer and timed-release encryption
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
| Hi-index | 0.00 |
The notion of proactive security of basic primitives and cryptosystems was introduced in order to tolerate a very strong "mobile adversary[1][2][3][4]". However, even though proactive maintenance is employed, it is a hard problem to detect the viruses which are skillfully developed and latent in the memory of servers. We introduce a new type of virus attacks, called latent virus attack, in which viruses reside in the intruded server and wait for the chance for viruses colluding with each other to intrude more than the threshold of servers. The main subject of this paper is to analyze the resilience of proactive system against latent virus attacks and present how to enhance the security against such virus attacks. At first, we estimate the robustness of proactivized systems against this attack by probabilistic analysis. As a result, we show that if the virus detection rate is higher than a certain threshold, it is possible for proactive maintenance to make the system robust, while, if less than the threshold, the failure probability of the system is dependent only on the virus infection rate. In order to enhance the resilience against such virus attacks, we propose the notion of active rebooting, in which the system performs the reboot procedure on a predetermined number of servers in the total independence of servers being infected or not. We estimate the security of proactive maintenance with active rebooting by extending the probabilistic model of proactive maintenance. As a result, we show that active rebooting enables us not only to enhance the security against the viruses with higher infection rate, but also to make the system robust even in the case of a low detection rate. Moreover, we show that it is effective even in the case the number of servers which are forced to carry out the reboot operation every update phase is comparatively small.