Availability Analysis of a Scalable Intrusion Tolerant Architecture with Two Detection Modes

In this paper we consider a discrete-time availability model of an intrusion tolerant system with two detection modes; automatic detection mode and manual detection mode. The stochastic behavior of the system is formulated by a discrete-time semi-Markov process and analyzed through an embedded Markov chain (EMC) approach. We derive the optimal switching time from an automatic detection mode to a manual detection mode, which maximizes the steady-state system availability. Numerical examples are presented for illustrating the optimal switching of detection mode and its availability performance. availability, detection mode, EMC approach, Cloud computing environment.

[1]  Tadashi Dohi,et al.  Quantitative Evaluation of Intrusion Tolerant Systems Subject to DoS Attacks Via Semi-Markov Cost Models , 2007, EUC Workshops.

[2]  Rodolphe Ortalo,et al.  Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security , 1999, IEEE Trans. Software Eng..

[3]  Feiyi Wang,et al.  SITAR: a scalable intrusion-tolerant architecture for distributed services , 2003, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[4]  David Wright,et al.  Towards Operational Measures of Computer Security , 1993, J. Comput. Secur..

[5]  Tomas Olovsson,et al.  A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior , 1997, IEEE Trans. Software Eng..

[6]  Carl E. Landwehr,et al.  Basic concepts and taxonomy of dependable and secure computing , 2004, IEEE Transactions on Dependable and Secure Computing.

[7]  Yves Deswarte,et al.  Internet Security: An Intrusion-Tolerance Approach , 2006, Proceedings of the IEEE.

[8]  Dieter Gollmann,et al.  Computer Security - ESORICS 2006, 11th European Symposium on Research in Computer Security, Hamburg, Germany, September 18-20, 2006, Proceedings , 2006, ESORICS.

[9]  Bharat B. Madan,et al.  A method for modeling and quantifying the security attributes of intrusion tolerant systems , 2004, Perform. Evaluation.

[10]  Peng Liu,et al.  Modeling and Evaluating the Survivability of an Intrusion Tolerant Database System , 2006, ESORICS.

[11]  Bharat B. Madan,et al.  Modeling and quantification of security attributes of software systems , 2002, Proceedings International Conference on Dependable Systems and Networks.

[12]  Tadashi Dohi,et al.  Optimizing Security Measures in an Intrusion Tolerant Database System , 2008, ISAS.

[13]  Yi Mu,et al.  Emerging Directions in Embedded and Ubiquitous Computing , 2006 .