Protecting Critical Information Systems (Abstract)

This talk will discuss issues and methods for survivability of systems under malicious attacks. To protect from information attacks, it is necessary to take steps to prevent attacks from succeeding. At the same time, it is important to recognize that not all attacks can be averted at the outset; attacks that are successful to some degree must be recognized as unavoidable and comprehensive support for fdentifying and responding to attacks is required. This places increased emphasis on the ability to live through and recover from successful attacks. We have adopted a fault-tolerance approach that addresses all phases of survivability: attack detection, damage confinement, damage assessment and repair, and attack avoidance. This talk will describe our research dealing with each of these phases.