Reaching Agreement in the Presence of Faults
Journal of the ACM (JACM)
The Design and Implementation of an Intrusion Tolerant System
DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
Dependability - A Unifying Concept
CSDA '98 Proceedings of the Conference on Computer Security, Dependability, and Assurance: From Needs to Solutions
Design and implementation of a behavioral difference analyzer for network intrusion detection
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
| Hi-index | 0.00 |
In many mission-critical applications, important services should be maintained properly under any circumstances including the presence of compromised components incurred by outside intentional attacks. In the paper, a two-level approach for the intrusion tolerance is presented. At the node level, by means of dynamic resource reallocation within a computing node, the critical services previously selected are to survive even after the occurrence of an attack. If it becomes impossible to find enough resources for the critical services within the node in spite of the adaptive actions taken at the node level, it moves to the system level. The system level mechanism is to deliver the intended services transparently to the clients even when a node fails. An architecture adopting diverse redundant computing nodes is proposed for that purpose. Through the experiments on a test-bed, especially, for web services, the approach turned out very effective to cope with not only denial of service attacks but also confidentiality and integrity attacks. Although the measurement of the timing overhead incurred by the approach represents 50% loss in performance, it seem possible to decrease the cost by optimizing the implementation.