Quantitative Analysis of Multi-Recovery-Based Intrusion Tolerance Model

Computer Science
  • 3 Downloads

Abstract

Quantitative analysis has always been a difficult problem in security analysis of intrusion tolerance systems. An intrusion tolerance model based on multiple recovery mechanisms is introduced in this paper and how to quantify the security attributes of the model is proposed. A state transition model with recovery states more accurately describes the dynamic behavior of the system. Considering that recovery mechanisms have a great impact on the security performance of the system, we set up the cost models corresponding to different recovery mechanisms. We propose a feasible security measure based on mean cost to security failure in order to evaluate the system cost during the recovery phase. The experimental results confirmed the feasibility of the proposed methods.

Key words

intrusion tolerance quantitative analysis semi- Markov model cost 

CLC number

TP 309 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [1]
    Fraga J, Powell D. A fault and intrusion-tolerant file system[ C]// Computer Security: The Practical Issues in a Troubled World. Proceedings of the Third IFIP International Conference on Computer Security. Amsterdam: North-Holland, 1985: 203–218.Google Scholar
  2. [2]
    Wang F, Upppalli R. SITAR: A scalable intrusion-tolerant architecture for distributed services [C] // Darpa Information Survivability Conference & Exposition. Piscataway: IEEE, 2001: 359–367.Google Scholar
  3. [3]
    Huang Y, Arsenault D, Sood A. Incorruptible self-cleansing intrusion tolerance and its application to DNS security[J]. Journal of Networks, 2006, 1(5): 21–30.CrossRefGoogle Scholar
  4. [4]
    Gosevapopstojanova K, Vaidyanathan K, Trivedi K, et al. Characterizing intrusion tolerant systems using a state transition model[C]// Proc 2001 DARPA Information Survivability Conference, Piscataway: IEEE, 2001: 211–221.Google Scholar
  5. [5]
    Madan B, Eva-Popstojanova K, Vaidyanathan K, et al. A method for modeling and quantifying the security attributes of intrusion tolerant systems[J]. Performance Evaluation, 2004, 56(1): 167–186.CrossRefGoogle Scholar
  6. [6]
    Aghajani Z, Azgomi M A. Security evaluation of an intrusion tolerant Web service architecture using stochastic activity networks[C]// International Conference and Workshops on Advances in Information Security and Assurance. Berlin Heidelberg: Springer-Verlag, 2009: 260–269.CrossRefGoogle Scholar
  7. [7]
    Huang Y, Arsenault D, Sood A. Incorruptible self-cleansing intrusion tolerance and its application to DNS security[J]. Journal of Networks, 2006, 1(5): 21–30.CrossRefGoogle Scholar
  8. [8]
    Nguyen Q L, Sood A. Quantitative Approach to tuning of a time-based intrusion-tolerant system architecture[C]// 3rd Workshop on Recent Advances in Intrusion Tolerant Systems, Piscataway: IEEE, 2009: 132–139.Google Scholar
  9. [9]
    Reiser H P, Kapitza R. Hypervisor-based efficient proactive recovery[C]// IEEE International Symposium on Reliable Distributed Systems. Piscataway: IEEE, 2007:87–93.Google Scholar
  10. [10]
    Huang Y, Ghosh A K, Bracewell T, et al. A security evaluation of a novel resilient Web serving architecture: Lessons learned through industry/academia collaboration[C]// International Conference on Dependable Systems and Networks Workshops. Piscataway: IEEE, 2010: 188–193.Google Scholar
  11. [11]
    Nguyen Q L, Sood A. Designing SCIT architecture pattern in a cloud-based environment[C]// International Conference on Dependable Systems and Networks Workshops. Piscataway: IEEE, 2011: 123–128.Google Scholar
  12. [12]
    Sousa P, Bessani A N, Correia M, et al. Resilient intrusion tolerance through proactive and reactive recovery [C] // Pacific Rim International Symposium on Dependable Computing. Piscataway: IEEE, 2007: 373–380.CrossRefGoogle Scholar
  13. [13]
    Mir I E, Dong S K, Haqiq A. Security modeling and analysis of a self-cleansing intrusion tolerance technique[C]// International Conference on Information Assurance and Security. Piscataway: IEEE, 2016: 111–117.Google Scholar
  14. [14]
    Ouffoue G, Ortiz A M, Cavalli A R, et al. Intrusion detection and attack tolerance for cloud environments: The CLARUS approach[C]// IEEE, International Conference on Distributed Computing Systems Workshops. Piscataway: IEEE, 2016: 61–66.Google Scholar
  15. [15]
    Chatti S, Ounelli H. An intrusion tolerance scheme for a cloud of databases environment[C]// International Conference on Network-Based Information Systems. Piscataway: IEEE, 2016:474–479.Google Scholar
  16. [16]
    Zheng J, Okamura H, Dohi T. Mean time to security failure of VM-based intrusion tolerant systems[C]// IEEE, International Conference on Distributed Computing Systems Workshops. Piscataway: IEEE, 2016:128–133.Google Scholar
  17. [17]
    Hamadi R, Benatallah B. A Petri net-based model for web service composition[C]// Australasian Database Conference. Australian Computer Society. Sydney: ACM, 2003:191–200.Google Scholar
  18. [18]
    Sanders W H, Meyer J F. Stochastic activity networks: Formal definitions and concepts[C]// School organized by the European Educational Forum. Berlin Heidelberg: Springer-Verlag, 2000: 315–343.Google Scholar
  19. [19]
    Huang J H, Yang T Y. A method for quantifying the security of intrusion tolerant system[C]// Computer Network and Multimedia Technology. Piscataway: IEEE, 2009: 187–192.Google Scholar
  20. [20]
    Huang J H, Gan H S. Quantitative approach to dynamic security of intrusion tolerant systems[J]. Journal of Computer Applications, 2011, 31(1):123–126(Ch).CrossRefGoogle Scholar
  21. [21]
    Nagarajan A, Sood A. SCIT and IDS architectures for reduced data ex-filtration[C] // Dependable Systems and Networks. Piscataway: IEEE, 2010: 164–169.Google Scholar

Copyright information

© Wuhan University and Springer-Verlag GmbH Germany, part of Springer Nature 2018

Authors and Affiliations

  1. 1.School of Information Science and EngineeringEast China University of Science and TechnologyShanghaiChina

Personalised recommendations