Journal of Korea Society of Industrial Information Systems (한국산업정보학회논문지)

Korea Society of Industrial Information Systems (한국산업정보학회)
권호 표지
DOI QR코드

DOI QR Code

Dynamic Dependability Level Switching Strategies by Utilizing Threat Predictions

  • Received : 2017.01.24
  • Accepted : 2017.03.13
  • Published : 2017.04.30
Download PDF
⟨ Previous Next ⟩

Abstract

A System can be more Dependable from some types of Threats if the Dependability Level Against the Threat on the System is Increased. However, The Dependability-performance Tradeoff should be Considered because the Increased Dependability may Degrade the Performance of the System. Therefore, it is Efficient to Temporally Increase the Dependability Level to High only when an Threat is Predicted on the System in a Short time while Maintaining the Level in Low or mid in Normal Situations. In this Paper, we Present a Threat Prevention Strategy for a Networked Node by Dynamically Changing the Dependability Level According to the Threat Situation on its Logically/physically Neighboring Nodes. As case Studies, we Employ our Strategy to an Internet Server Against TCP SYN Flood Attacks and to a Checkpoint and Rollback System Against Transient Faults. Our Performance Analysis Shows that our Strategy can Effectively Relieve the Damage of the Failure without Serious Performance Degradation.

Keywords

References

  1. Zhang L., Afanasyev A., Burke J., Jacobson V., Claffy K., Crowley P., Papadopoulos C., Wang L. and Zhang B., "Named Data Networking," ACM SIGCOMM Computer Communication Review, Vol. 44, pp. 66-73, July 2014. https://doi.org/10.1145/2656877.2656887
  2. French A., and Shropshire J., "Handheld versus Traditional Computer Security Threats and Practices : A Comparison of End User Perceptions," Journal of Internet Electronic Commerce Research, Vol. 11, No. 2, pp. 153-171, June 2011.
  3. Kim J.-K., Jeon J.-H., and Lim H.-S., "The Effects of Information Security Policies, Security Controls and User's Characteristics on Anti-Virus Security Effectiveness," Journal of Information Systems, Vol. 15, No. 1, pp. 145-168, March 2006.
  4. Vellalacheuvu H. K., and Kumar S., "Effectiveness of Built-in Security Protection of Microsoft's Windows Server 2003 against TCP SYN Based DDoS Attacks," Journal of Information Security, Vol. 2, No. 3, pp. 131-138, July 2011.
  5. Lim S.-H.,. Lee B.-H, and Kim J.-H., "Diversity and Fault Avoidance for Dependable Replication Systems," Information Processing Letters, Vol. 108, pp.33-37, 15 Sep. 2008. https://doi.org/10.1016/j.ipl.2008.03.022
  6. Lim S.-H, "Replication Schemes for Dependable and Effective Mobile Systems," Ph.D. Dissertation, Ajou University. Feb. 2008.
  7. Schuba C., Krsul I., Kuhn M., Spafford E., Sundaram A. and Zamboni D., "Analysis of a Denial of Service Attack on TCP," Proc. of IEEE Symposium on Security and Privacy, May 1997.
  8. Bellaiche M. and Greoire J.-C., "SYN Flooding Attack Detection by TCP Handshake Anomalies," Security and Coomunication Networks, Vol 5, Issue 7, pp. 709-724, July 2012. https://doi.org/10.1002/sec.365
  9. Postel J., "Transmission Control Protocol - DARPA Internet Program Protocol Specification," RFC793, USC/Information Sciences Institute, Sept. 1981.
  10. Branden R., "Requirements for Internet Hosts - Communication Layers," RFC 1122, Internet Engineering Task Force, October 1989.
  11. Vaidya N. H., "On Checkpoint Latency," Proc. of the 1995 Pacific Rim International Symposium on Fault-Tolerant Systems, pp. 60-65, Dec. 1995.
  12. Young J. W., "A First Order Approximation to the Optimum Checkpoint Interval," Communications on the ACM, Vol.17, pp.530-531, Sept.1974. https://doi.org/10.1145/361147.361115
  13. Lim S.-H. and Kim J.-H., "Dynamic Security Level Changing Strategy using Attack Predictions-Case Study of TCP SYN Attacks," International Conference on IT Convergence and Security (ICITCS 2014), Beijing, Oct. 2014.
  14. Yoon S., Lee S. S., and Kim S.-H., "Seamless and Secure Service Framework using Multiple Network Interfaces Terminal in Heterogeneous Environment," Journal of the Korea Society Industrial Information System, Vol. 16, No. 4, pp. 53-65, Dec. 2011. https://doi.org/10.9723/jksiis.2011.16.4.053
  15. Kim S.-Y., Lee S. H., and Hwang H.-S., "A Study of Factors Affecting Attitude Towards Using Mobile Cloud Service," Journal of the Korea Society Industrial Information System, Vol. 18, No. 6, pp. 83-94, Dec. 2013. https://doi.org/10.9723/jksiis.2013.18.6.083
  16. Chang B.-H., Na J.-C., and Jang J.-S., "Network Security Situational Awareness using Traffic Pattern-Map," Journal of the Korea Society Industrial Information System, Vol. 11, No. 3, pp. 34-39, Sept. 2006.