James C. Reynolds, J. Just, E. Lawson, L. Clough, R. Maglich, K. Levitt
{"title":"The design and implementation of an intrusion tolerant system","authors":"James C. Reynolds, J. Just, E. Lawson, L. Clough, R. Maglich, K. Levitt","doi":"10.1109/DSN.2002.1028912","DOIUrl":null,"url":null,"abstract":"We describe the implementation of an intrusion tolerant system for providing Internet services to known users through secure connections. Network attacks are treated as maliciously devised conditions to exploit design, implementation, or configuration faults, intrusions (successful attacks) are treated as failures, and their effects are mitigated by using the three pillars of fault tolerance: detection, isolation, and recovery. Fundamental to our approach is the use of diverse process pairs, which provides partial solutions to detection and isolation problems. The architecture uses the comparison of outputs from diverse applications to provide a significant and novel intrusion detection capability. The diverse applications also strengthen isolation by forcing attacks to exploit independent vulnerabilities. The isolation of intrusions is mainly achieved with an out-of-band control system. The control system not only provides separation between the primary and backup system, it also initiates attack diagnosis, attack blocking, and recovery, which is accelerated by on-line repair.","PeriodicalId":93807,"journal":{"name":"Proceedings. International Conference on Dependable Systems and Networks","volume":"30 1","pages":"285-290"},"PeriodicalIF":0.0000,"publicationDate":"2002-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"70","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. International Conference on Dependable Systems and Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSN.2002.1028912","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 70
Abstract
We describe the implementation of an intrusion tolerant system for providing Internet services to known users through secure connections. Network attacks are treated as maliciously devised conditions to exploit design, implementation, or configuration faults, intrusions (successful attacks) are treated as failures, and their effects are mitigated by using the three pillars of fault tolerance: detection, isolation, and recovery. Fundamental to our approach is the use of diverse process pairs, which provides partial solutions to detection and isolation problems. The architecture uses the comparison of outputs from diverse applications to provide a significant and novel intrusion detection capability. The diverse applications also strengthen isolation by forcing attacks to exploit independent vulnerabilities. The isolation of intrusions is mainly achieved with an out-of-band control system. The control system not only provides separation between the primary and backup system, it also initiates attack diagnosis, attack blocking, and recovery, which is accelerated by on-line repair.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
