Security analysis of SITAR intrusion tolerance system

Authors:
Dazhi Wang;Bharat B. Madan;Kishor S. Trivedi
Affiliations:
Duke University, NC;Duke University, NC;Duke University, NC
Venue:
Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security
Year:
2003

Citing 11
Cited 14

Make the tigers hunt for you

Computers and Security
On the solution of GSPN reward models

Performance Evaluation
A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior

IEEE Transactions on Software Engineering
Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security

IEEE Transactions on Software Engineering
Intrusion Detection

Intrusion Detection
Network Intrusion Detection: An Analyst's Handbook

Network Intrusion Detection: An Analyst's Handbook
Computer Security Handbook

Computer Security Handbook
Distributing Trust on the Internet

DSN '01 Proceedings of the 2001 International Conference on Dependable Systems and Networks (formerly: FTCS)
Modeling and Quantification of Security Attributes of Software Systems

DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
Modeling and Analysis of Software Aging and Rejuvenation

SS '00 Proceedings of the 33rd Annual Simulation Symposium
Software Rejuvenation: Analysis, Module and Applications

FTCS '95 Proceedings of the Twenty-Fifth International Symposium on Fault-Tolerant Computing

Model-Based Evaluation: From Dependability to Security

IEEE Transactions on Dependable and Secure Computing
Automated adaptive intrusion containment in systems of interacting services

Computer Networks: The International Journal of Computer and Telecommunications Networking
Information Assurance: Dependability and Security in Networked Systems

Information Assurance: Dependability and Security in Networked Systems
Securing stateful grid servers through virtual server rotation

HPDC '08 Proceedings of the 17th international symposium on High performance distributed computing
Network Security: Know It All: Know It All

Network Security: Know It All: Know It All
A Method for Estimation of the Success Probability of an Intrusion Process by Considering the Temporal Aspects of the Attacker Behavior

Transactions on Computational Science IV
Security Evaluation of an Intrusion Tolerant Web Service Architecture Using Stochastic Activity Networks

ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
Performance analysis of hierarchical group key management integrated with adaptive intrusion detection in mobile ad hoc networks

Performance Evaluation
On design tradeoffs between security and performance in wireless group communicating systems

NPSEC'05 Proceedings of the First international conference on Secure network protocols
Towards autonomic mode control of a scalable intrusion tolerant architecture

ATC'10 Proceedings of the 7th international conference on Autonomic and trusted computing
Model-Based Evaluation of Distributed Intrusion Detection Protocols for Mobile Group Communication Systems

Wireless Personal Communications: An International Journal
A self-healing mechanism for an intrusion tolerance system

TrustBus'05 Proceedings of the Second international conference on Trust, Privacy, and Security in Digital Business
An adaptive mode control algorithm of a scalable intrusion tolerant architecture

Journal of Computer and System Sciences
A stochastic model of attack process for the evaluation of security metrics

Computer Networks: The International Journal of Computer and Telecommunications Networking

Quantified Score

Hi-index	0.00

Visualization

Abstract

Security is an important QoS attribute for characterizing intrusion tolerant computing systems. Frequently however, the security of computing systems is assessed in a qualitative manner based on the presence and absence of certain functional characteristics and security mechanisms. Such a characterization is not only ad hoc, it also lacks rigorous scientific and systematic basis. Some recent research efforts have emphasized the need for a quantitative assessment of security attributes for intrusion tolerant systems. Intrusion tolerant systems are not only complex, but also have to operate in an environment made unpredictable due to the unpredictable actions of bona-fide and non bona-fide users. This makes quantitative security analysis a difficult problem. Earlier approaches to security modelling have been based on the use of Markov models. Capturing details of real architectures in a manually constructed Markov model is difficult. We advocate the use of higher level formalism based on stochastic Petri nets for modelling and quantitative security analysis of intrusion tolerant systems. To validate our approach, we use an experimental intrusion tolerant systems known as the SITAR (scalable intrusion tolerant architecture) currently being implemented jointly at MCNC and Duke University as our target system. It is shown that the resulting analysis is useful in determining gains in security by reconfiguring such a system in terms of increase in redundancy under varying threat levels.