An architecture for adaptive intrusion-tolerant applications: Experiences with Auto-adaptive and Reconfigurable Systems

Authors:
Partha Pal;Paul Rubel;Michael Atighetchi;Franklin Webber;William H. Sanders;Mouna Seri;HariGovind Ramasamy;James Lyons;Tod Courtney;Adnan Agbaria;Michel Cukier;Jeanna Gossett;Idit Keidar
Affiliations:
BBN Technologies, 10 Moulton Street, Cambridge, MA 02138, U.S.A.;BBN Technologies, 10 Moulton Street, Cambridge, MA 02138, U.S.A.;BBN Technologies, 10 Moulton Street, Cambridge, MA 02138, U.S.A.;BBN Technologies, 10 Moulton Street, Cambridge, MA 02138, U.S.A.;Center for Reliable and High-Performance Computing, Coordinated Science Laboratory, University of Illinois at Urbana-Champaign, 1308 West Main Street, Urbana, IL 61801, U.S.A.;Center for Reliable and High-Performance Computing, Coordinated Science Laboratory, University of Illinois at Urbana-Champaign, 1308 West Main Street, Urbana, IL 61801, U.S.A.;IBM Research, Zurich Research Laboratory CH-8803 Rueschlikon, Switzerland;Center for Reliable and High-Performance Computing, Coordinated Science Laboratory, University of Illinois at Urbana-Champaign, 1308 West Main Street, Urbana, IL 61801, U.S.A.;Center for Reliable and High-Performance Computing, Coordinated Science Laboratory, University of Illinois at Urbana-Champaign, 1308 West Main Street, Urbana, IL 61801, U.S.A.;Center for Reliable and High-Performance Computing, Coordinated Science Laboratory, University of Illinois at Urbana-Champaign, 1308 West Main Street, Urbana, IL 61801, U.S.A.;A. James Clark School of Engineering, University of Maryland, College Park, MD 20742, U.S.A.;The Boeing Company, 100 North Riverside, Chicago, IL 60606, U.S.A.;Department of Electrical Engineering, Technion—Israel Institute of Technology, Technion City, Haifa 32000, Israel
Venue:
Software—Practice & Experience
Year:
2006

Citing 0
Cited 3

Using diversity in cloud-based deployment environment to avoid intrusions

SERENE'11 Proceedings of the Third international conference on Software engineering for resilient systems
Advanced Adaptive Application (A3) Environment: initial experience

Proceedings of the Middleware 2011 Industry Track Workshop
Moving target defense (MTD) in an adaptive execution environment

Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

Quantified Score

Hi-index	0.00

Visualization

Abstract

Applications that are part of a mission-critical information system need to maintain a usable level of key services through ongoing cyber-attacks. In addition to the well-publicized denial of service (DoS) attacks, these networked and distributed applications are increasingly threatened by sophisticated attacks that attempt to corrupt system components and violate service integrity. While various approaches have been explored to deal with DoS attacks, corruption-inducing attacks remain largely unaddressed. We have developed a collection of mechanisms based on redundancy, Byzantine fault tolerance, and adaptive middleware that help distributed, object-based applications tolerate corruption-inducing attacks. In this paper, we present the ITUA architecture, which integrates these mechanisms in a framework for auto-adaptive intrusion-tolerant systems, and we describe our experience in using the technology to defend a critical application that is part of a larger avionics system as an example. We also motivate the adaptive responses that are key to intrusion tolerance, and explain the use of the ITUA architecture to support them in an architectural framework. Copyright © 2006 John Wiley & Sons, Ltd.