Quantitative Analysis of Multi-Recovery-Based Intrusion Tolerance Model

Quantitative analysis has always been a difficult problem in security analysis of intrusion tolerance systems. An intrusion tolerance model based on multiple recovery mechanisms is introduced in this paper and how to quantify the security attributes of the model is proposed. A state transition model with recovery states more accurately describes the dynamic behavior of the system. Considering that recovery mechanisms have a great impact on the security performance of the system, we set up the cost models corresponding to different recovery mechanisms. We propose a feasible security measure based on mean cost to security failure in order to evaluate the system cost during the recovery phase. The experimental results confirmed the feasibility of the proposed methods.

[1]  David Powell,et al.  A fault- and intrusion- tolerant file system , 1985 .

[2]  Arun K. Sood,et al.  Incorruptible Self-Cleansing Intrusion Tolerance and Its Application to DNS Security , 2006, J. Networks.

[3]  Dong Seong Kim,et al.  Security modeling and analysis of a self-cleansing intrusion tolerance technique , 2015, 2015 11th International Conference on Information Assurance and Security (IAS).

[4]  Josep Domingo-Ferrer,et al.  Intrusion Detection and Attack Tolerance for Cloud Environments: The CLARUS Approach , 2016, 2016 IEEE 36th International Conference on Distributed Computing Systems Workshops (ICDCSW).

[5]  Gan Hong-sheng Quantitative approach to dynamic security of intrusion tolerant systems , 2011 .

[6]  Rüdiger Kapitza,et al.  Hypervisor-Based Efficient Proactive Recovery , 2007, 2007 26th IEEE International Symposium on Reliable Distributed Systems (SRDS 2007).

[7]  Arun K. Sood,et al.  Designing SCIT architecture pattern in a Cloud-based environment , 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W).

[8]  Feiyi Wang,et al.  SITAR: a scalable intrusion-tolerant architecture for distributed services - a technology summary , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[9]  Yih Huang,et al.  A security evaluation of a novel resilient web serving architecture: Lessons learned through industry/academia collaboration , 2010, 2010 International Conference on Dependable Systems and Networks Workshops (DSN-W).

[10]  Tadashi Dohi,et al.  Mean Time to Security Failure of VM-Based Intrusion Tolerant Systems , 2016, 2016 IEEE 36th International Conference on Distributed Computing Systems Workshops (ICDCSW).

[11]  Mohammad Abdollahi Azgomi,et al.  Security Evaluation of an Intrusion Tolerant Web Service Architecture Using Stochastic Activity Networks , 2009, ISA.

[12]  Boualem Benatallah,et al.  A Petri Net-based Model for Web Service Composition , 2003, ADC.

[13]  Jian-hua Huang,et al.  Quantitative approach to dynamic security of intrusion tolerant systems: Quantitative approach to dynamic security of intrusion tolerant systems , 2011 .

[14]  William H. Sanders,et al.  Stochastic Activity Networks: Formal Definitions and Concepts , 2002, European Educational Forum: School on Formal Methods and Performance Analysis.

[15]  Arun K. Sood,et al.  SCIT and IDS architectures for reduced data ex-filtration , 2010, 2010 International Conference on Dependable Systems and Networks Workshops (DSN-W).

[16]  Kishor S. Trivedi,et al.  Characterizing intrusion tolerant systems using a state transition model , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[17]  Bharat B. Madan,et al.  A method for modeling and quantifying the security attributes of intrusion tolerant systems , 2004, Perform. Evaluation.

[18]  Rafael R. Obelheiro,et al.  Overlay Network Topology Reconfiguration in Byzantine Settings , 2007 .

[19]  Jian-hua Huang,et al.  A Method for Quantifying the Security of Intrusion Tolerant System , 2009, 2009 International Symposium on Computer Network and Multimedia Technology.

[20]  Arun K. Sood,et al.  Quantitative Approach to Tuning of a Time-Based Intrusion-Tolerant System Architecture , 2009 .

[21]  Miguel Correia,et al.  Resilient Intrusion Tolerance through Proactive and Reactive Recovery , 2007 .

[22]  Habib Ounelli,et al.  An Intrusion Tolerance Scheme for a Cloud of Databases Environment , 2016, 2016 19th International Conference on Network-Based Information Systems (NBiS).

[23]  Feiyi Wang,et al.  SITAR: a scalable intrusion-tolerant architecture for distributed services , 2003, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].