Analysis of intrusion-tolerant architectures for Web Servers

A variety of mission critical applications need to continue to operate or provide a minimal level of services even when they are under attack or have been partially compromised; hence the need for intrusion tolerant architecture. The research focus of Intrusion Tolerant Architecture is on how to detect as many attacks as possible, as soon as we can, and at the same time to reduce the false alarm rate. This paper presents a survey of different intrusion-tolerant architectures (based on intelligent adaptive reconfiguration) for Web Server highlighting on the threat analysis. Further, we want to point out potential pitfalls as well as challenging issues need to be addressed by an intrusion tolerant architecture. We believe that the results of this evaluation will help system architects to for building more secure and survivable server systems.

[1]  Michael Steiner,et al.  Malicious- and Accidental-Fault Tolerance for Internet Applications , 2002 .

[2]  Paulo Veríssimo,et al.  Intrusion-tolerant middleware: the road to automatic security , 2006, IEEE Security & Privacy.

[3]  Zair Abdelouahab,et al.  A fault tolerance mechanism for network intrusion detection system based on intelligent agents (NIDIA) , 2006, The Fourth IEEE Workshop on Software Technologies for Future Embedded and Ubiquitous Systems, and the Second International Workshop on Collaborative Computing, Integration, and Assurance (SEUS-WCCIA'06).

[4]  Peng Liu,et al.  The design of an adaptive intrusion tolerant database system , 2003, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[5]  Shambhu Upadhyaya,et al.  Secure and fault-tolerant voting in distributed systems , 2001, 2001 IEEE Aerospace Conference Proceedings (Cat. No.01TH8542).

[6]  Alysson Neves Bessani,et al.  The FOREVER service for fault/intrusion removal , 2008, WRAITS '08.

[7]  Yves Deswarte,et al.  Intrusion tolerance in distributed computing systems , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[8]  Arun K. Sood,et al.  Quantitative Approach to Tuning of a Time-Based Intrusion-Tolerant System Architecture , 2009 .

[9]  Ravishankar K. Iyer,et al.  Chameleon: A Software Infrastructure for Adaptive Fault Tolerance , 1999, IEEE Trans. Parallel Distributed Syst..

[10]  Rafael R. Obelheiro,et al.  Overlay Network Topology Reconfiguration in Byzantine Settings , 2007 .

[11]  Eric Totel,et al.  COTS Diversity Based Intrusion Detection and Application to Web Servers , 2005, RAID.

[12]  Alfonso Valdes,et al.  Adaptive, Model-Based Monitoring for Cyber Attack Detection , 2000, Recent Advances in Intrusion Detection.

[13]  Miguel Correia,et al.  Resilient Intrusion Tolerance through Proactive and Reactive Recovery , 2007 .

[14]  William H. Sanders,et al.  Intrusion Tolerance Approaches in ITUA , 2001 .

[15]  R. Shashikumar,et al.  Self-Healing Reconfigurable FPGA Based Fault Tolerant Security Model for Shared Internet Resources , 2009 .

[16]  Byoung-Joon Min,et al.  An approach to intrusion tolerance for mission-critical services using adaptability and diverse replication , 2004, Future Gener. Comput. Syst..

[17]  Michael Gertz,et al.  The Willow Architecture: Comprehensive Survivability for Large-Scale Distributed Applications , 2001 .

[18]  Hermann Kopetz,et al.  Fault tolerance, principles and practice , 1990 .

[19]  Mohammad Zulkernine,et al.  An Intrusion-Tolerant Mechanism for Intrusion Detection Systems , 2008, 2008 Third International Conference on Availability, Reliability and Security.

[20]  Arun K. Sood,et al.  Securing Web Servers Using Self Cleansing Intrusion Tolerance (SCIT) , 2009, 2009 Second International Conference on Dependability.

[21]  Magnus Almgren,et al.  An Architecture for an Adaptive Intrusion-Tolerant Server , 2002, Security Protocols Workshop.

[22]  James C. Reynolds,et al.  On-line intrusion detection and attack prevention using diversity, generate-and-test, and generalization , 2003, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the.

[23]  Saurabh Bagchi,et al.  Chameleon: a software infrastructure for adaptive fault tolerance , 1998, Proceedings. IEEE International Computer Performance and Dependability Symposium. IPDS'98 (Cat. No.98TB100248).

[24]  Matti A. Hiltunen,et al.  Survivability through customization and adaptability: the Cactus approach , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[25]  Vincent Nicomette,et al.  The Design of a Generic Intrusion-Tolerant Architecture for Web Servers , 2009, IEEE Transactions on Dependable and Secure Computing.

[26]  Tomas Olovsson,et al.  An analysis of a secure system based on trusted components , 1996, Proceedings of 11th Annual Conference on Computer Assurance. COMPASS '96.

[27]  Kishor S. Trivedi,et al.  Characterizing intrusion tolerant systems using a state transition model , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[28]  Feiyi Wang,et al.  SITAR: a scalable intrusion-tolerant architecture for distributed services , 2003, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].