Large-scale distributed systems typically have interactions among different services that create an avenue for propagation of a failure from one service to another. The failures being considered may be the result of natural failures or malicious activity, collectively called disruptions. To make these systems tolerant to failures, it is necessary to contain the spread of a disruption automatically once it is detected. The objective is to allow certain parts of the system to continue to provide partial functionality in the face of failures. Real-world situations impose several constraints on the design of such a disruption-tolerant system, of which we consider the following: the alarms may have type I or type II errors; it may not be possible to change the service itself even though the interaction may be changed; attacks may use steps that are not anticipated a priori; and there may be bursts of concurrent alarms. We present the design and implementation of a system named Adepts as the realization of such a disruption-tolerant system. Adepts uses a directed graph representation to model the spread of the failure through the system, presents algorithms for determining appropriate responses and monitoring their effectiveness, and quantifies the effect of disruptions through a high-level survivability metric. Adepts is demonstrated on a real e-commerce testbed with actual attack patterns injected into it.