Quantitative Approach to Tuning of a Time-Based Intrusion-Tolerant System Architecture
نویسندگان
چکیده
Many institutions rely on open systems to provide services to the public via the Internet. Unanticipated software vulnerabilities expose such services to malicious actors, and make them susceptible to attacks. Therefore, security is critical in order to ensure confidentiality, integrity, and availability for system data and services. The fact that security attacks have become increasingly sophisticated makes the protection of open systems more challenging. Current intrusion prevention and detection are reactive, and the bad guys are always one step ahead. In this paper, we will present a quantitative analysis of SelfCleansing Intrusion Tolerance (SCIT), a time-based intrusion tolerance architecture. Using quantitative techniques we show that it is possible to tune a SCIT system based on its exposure window in order to achieve the required degree of intrusion tolerance.
منابع مشابه
Real-Time intrusion detection alert correlation and attack scenario extraction based on the prerequisite consequence approach
Alert correlation systems attempt to discover the relations among alerts produced by one or more intrusion detection systems to determine the attack scenarios and their main motivations. In this paper a new IDS alert correlation method is proposed that can be used to detect attack scenarios in real-time. The proposed method is based on a causal approach due to the strength of causal methods in ...
متن کاملModeling SITAR System Security
Recent strategies to protect system security lay emphasis on designing intrusion-tolerant systems that are able to tolerate intrusions using techniques such as redundancy, diversity, reconfiguration and graceful degradation. These systems are expected to not only detect and tolerate attacks, but also repair, or rejuvenate themselves so as to remove any damage caused by an intrusion. Several res...
متن کاملA Unified IMC based PI/PID Controller Tuning Approach for Time Delay Processes
This paper proposes a new PI/PID controller tuning method within filtered Smith predictor (FSP) configuration in order to deal with various types of time delay processes including stable, unstable and integrating delay dominant and slow dynamic processes. The proposed PI/PID controller is designed based on the IMC principle and is tuned using a new constraint and without requiring any approxima...
متن کاملArchitectures for Intrusion Tolerant Database Systems
In this paper, we propose four architectures for intrusion-tolerant database systems. While traditional secure database systems rely on prevention controls, an intrusion-tolerant database system can operate through attacks in such a way that the system can continue delivering essential services in the face of attacks. With a focus on attacks by malicious transactions, Architecture I can detect ...
متن کاملA hybridization of evolutionary fuzzy systems and ant Colony optimization for intrusion detection
A hybrid approach for intrusion detection in computer networks is presented in this paper. The proposed approach combines an evolutionary-based fuzzy system with an Ant Colony Optimization procedure to generate high-quality fuzzy-classification rules. We applied our hybrid learning approach to network security and validated it using the DARPA KDD-Cup99 benchmark data set. The results indicate t...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2009