Model-based validation of an intrusion-tolerant information system

An increasing number of computer systems are designed to be distributed across both local and wide-area networks, performing a multitude of critical information-sharing and computational tasks. Malicious attacks on such systems are a growing concern: attackers typically seek to degrade quality of service through intrusions that exploit vulnerabilities in networks, operating systems, and application software. Designers are accordingly seeking improved techniques for validating such systems against specified survivability requirements. We describe a model-based validation effort undertaken as part of a unified approach to validating a networked intrusion-tolerant information system. Model-based results were used both to guide the system's design and to determine whether a given survivability requirement was satisfied.
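The kind of model-based check the abstract describes can be illustrated with a small stochastic model. The Python example below is added here and is not code from the paper; the paper's own modeling formalism and tool are not reproduced. It treats an intrusion-tolerant replicated service as a continuous-time Markov chain whose state is the number of compromised replicas, solves the chain by uniformization, and asks whether the probability of the service staying uncompromised over a mission period meets a survivability target. The replica count (4 replicas masking f = 1 intrusion), the per-replica compromise rate, the detect-and-restore rates, the mission length, the independence of attacks on different replicas and the 0.99 target are all constructed assumptions chosen for the illustration, not figures from the paper.

```python
"""Added example (not from the paper): a continuous-time Markov chain (CTMC)
model of an intrusion-tolerant replicated service, solved by uniformization,
used to check a survivability requirement of the form
    P[service still uncompromised at mission time T] >= target.
Every rate, replica count and threshold is a constructed assumption."""
from math import exp, sqrt
from typing import List, Tuple

Matrix = List[List[float]]


def build_generator(n_replicas: int, f: int,
                    compromise_rate: float, recovery_rate: float) -> Matrix:
    """Generator Q over states k = 0..f+1, k = number of compromised replicas.

    The service masks up to f intruded replicas; state f+1 ("more than f
    compromised") is absorbing and means the survivability property is lost.
    Each healthy replica is intruded independently at compromise_rate (an
    assumption standing in for diverse, independently attacked replicas);
    each compromised replica is detected and restored at recovery_rate.
    """
    n_states = f + 2
    q = [[0.0] * n_states for _ in range(n_states)]
    for k in range(f + 1):
        up = (n_replicas - k) * compromise_rate   # one more replica falls
        down = k * recovery_rate                   # one replica is restored
        q[k][k + 1] = up
        if k > 0:
            q[k][k - 1] = down
        q[k][k] = -(up + down)
    return q  # last row stays all zero: absorbing state


def transient_distribution(q: Matrix, p0: List[float], t: float,
                           eps: float = 1e-9) -> List[float]:
    """State distribution at time t by uniformization:
    p(t) = sum_m Poisson(m; Lambda*t) * p0 * P^m, with P = I + Q/Lambda."""
    n = len(q)
    lam = max(-q[i][i] for i in range(n))
    if lam == 0.0 or t == 0.0:
        return list(p0)
    rate = lam * t
    if rate > 200.0:
        # exp(-rate) would underflow; step through shorter intervals instead.
        steps = int(rate // 200.0) + 1
        dist = list(p0)
        for _ in range(steps):
            dist = transient_distribution(q, dist, t / steps, eps)
        return dist
    p = [[(1.0 if i == j else 0.0) + q[i][j] / lam for j in range(n)]
         for i in range(n)]
    weight = exp(-rate)            # Poisson(0; rate)
    cumulative = weight
    vec = list(p0)                 # p0 * P^m
    result = [weight * x for x in vec]
    # Add terms until the truncated Poisson tail is below eps.
    m, m_max = 0, int(rate + 50 * sqrt(rate) + 100)
    while cumulative < 1.0 - eps and m < m_max:
        m += 1
        vec = [sum(vec[i] * p[i][j] for i in range(n)) for j in range(n)]
        weight *= rate / m
        cumulative += weight
        result = [r + weight * v for r, v in zip(result, vec)]
    return result


def survivability(n_replicas: int, f: int, compromise_rate: float,
                  recovery_rate: float, mission_time: float) -> float:
    """P[at most f replicas compromised throughout [0, mission_time]],
    starting from an all-healthy service."""
    q = build_generator(n_replicas, f, compromise_rate, recovery_rate)
    p0 = [1.0] + [0.0] * (f + 1)
    return 1.0 - transient_distribution(q, p0, mission_time)[f + 1]


def validate_design(n_replicas: int, f: int, compromise_rate: float,
                    recovery_rate: float, mission_time: float,
                    target: float) -> Tuple[float, bool]:
    """Evaluate the model and compare the result with the requirement."""
    s = survivability(n_replicas, f, compromise_rate, recovery_rate, mission_time)
    return s, s >= target


if __name__ == "__main__":
    # Constructed scenario: 4 replicas masking f = 1 intrusion, each replica
    # intruded on average once per 30 days (rates per hour), a 30-day mission,
    # and a requirement of 0.99 probability of surviving the mission.
    T, TARGET, LAMBDA = 30 * 24, 0.99, 1 / (30 * 24)
    designs = (("2 h detect-and-restore", 1 / 2),
               ("30 min detect-and-restore", 2.0))
    for label, mu in designs:
        s, ok = validate_design(4, 1, LAMBDA, mu, T, TARGET)
        print(f"{label}: survivability {s:.4f} -> "
              f"{'meets' if ok else 'misses'} target {TARGET}")
```

Run as a script, the baseline design (two-hour detect-and-restore loop) comes out near 0.968 and misses the 0.99 target, while shortening the loop to thirty minutes lifts survivability to about 0.992 and satisfies it. That is the design-guidance use the abstract refers to: the same model, re-solved for a candidate change, says whether the change is enough before anything is built. The absorbing "more than f compromised" state is the modeling shortcut that turns a survivability requirement into a plain transient probability; a real evaluation would also question the independence and exponential-rate assumptions, which are the weakest part of any such model.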
