Diverse OS Rejuvenation for Intrusion Tolerance
نویسندگان
چکیده
Proactive recovery is technique that periodically rejuvenates the components of a replicated system. When used in the context of intrusion-tolerant systems, in which faulty replicas may be under control of some adversary, it allows the removal of intrusions from the compromised replicas. However, since the set of vulnerabilities remains the same, the adversary can take advantage of the previously acquired knowledge and rapidly exploit them to take over the system. To address this problem, we propose that after each recovery a replica starts to run a different (or diverse) software. As we will explain, the selection of the new replica configuration is a non-trivial problem, since we would like to to maximize the diversity of the system under the constraint of the available configurations. Keywords-Diversity, Vulnerabilities, Operating Systems, Intrusion Tolerance, Proactive Recovery.
منابع مشابه
Software Rejuvenation in Embedded Systems
Mobile communication devices have multitasking embedded software running in their operating systems (OS) as well as applications. Both the OS modules and the application components are assigned predetermined memory in those devices due to their near-realtime performance requirements. Memory (stack and heap) overflow problems occur in such software components because of programmer’s inability to...
متن کاملAnalysis of OS Diversity for Intrusion Tolerance
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct behavior in the presence of attacks and intrusions. These security gains are directly dependent on the components exhibiting failure diversity. To what extent failure diversity is observed in practical deployment depends on how diverse are the components that constitute the system. In this paper w...
متن کاملConstructing a Practical Intrusion Tolerant Replication System
The increasing number of cyber attacks against critical infrastructures, which typically require large state and long system lifetimes, necessitates the design of systems that are able to work correctly even if part of them is compromised. We present the first practical survivable intrusion tolerant replication system, which defends across space and time using compiler-based diversity and proac...
متن کاملSecure and Self-healing Control Centers of Critical Infrastructures using Intrusion Tolerance
Nowadays, critical infrastructures are highly integrated with state-of-the-art information and communication technologies to enhance their efficiency. Due to farreaching societal and economic impacts caused by failure or malfunction of critical infrastructures, cyber security and self-healing capability are among their salient features. A new security paradigm referred to as intrusion tolerance...
متن کاملHighly Available Smart Grid Control Centers through Intrusion Tolerance
Societies’ norms of operation relies on the proper and secure functioning of several critical infrastructures, particularly modern power grid which is also known as smart grid. Smart grid is interwoven with the information and communication technology infrastructure, and thus it is exposed to cyber security threats. Intrusion tolerance proves a promising security approach against malicious atta...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2011