Browse > Article
http://dx.doi.org/10.3745/KIPSTA.2005.12A.5.395

A Survivability Model of an Intrusion Tolerance System  

Park, Bum-Joo (삼성전자 첨단기술연구소)
Park, Kie-Jin (아주대학교 산업정보시스템공학부)
Kim, Sung-Soo (아주대학교 정보통신전문대학운)
Abstract
There have been large concerns about survivability defined as the capability of a system to perform a mission-critical role, in a timely manner, in the presence of attacks, failures. In particular, One of the most important core technologies required for the design of the ITS(Intrusion Tolerance System) that performs continuously minimal essential services even when the computer system is partially compromised because of intrusions is the survivability one of In included the dependability analysis of a reliability and availability etc. quantitative dependability analysis of the In. In this Paper, we applied self-healing mechanism utilizing two factors of self-healing mechanism (fault model and system response), the core technology of autonomic computing to secure the protection power of the ITS and consisted of a state transition diagram of the ITS composed of a primary server and a backup server. We also defined the survivability, availability, and downtime cost of the ITS, and then performed studies on simulation experiments and two cases of vulnerability attack. Simulation results show that intrusion tolerance capability at the initial state is more important than coping capability at the attack state in terms of the dependability enhancement.
Keywords
Survivability; Intrusion Tolerance System; Vulnerability; Self-healing; Availability;
Citations & Related Records
연도 인용수 순위
  • Reference
1 B. Madan, et al., 'Modeling and Quantification of Security Attributes of Software Systems,' International Conference on Dependable Systems and Networks, pp.505-514, June, 2002   DOI
2 Y. Liu and K. Trivedi, 'A general Framework for Network Survivability Quantification,' Proceedings of the 12th GI/ITG Conference on Measuring, Modelling and Evaluation of Computer and Communication Systems, pp.369-378, Sep., 2004
3 C. Cowan and Immunix Inc., 'Survivability: Synergizing Security and Reliability,' Sep., 2003
4 K. Trivedi, 'Probability and Statistics with Reliability Queueing and Computer Science Applications,' John Wiley & Sons, Inc., pp.472, 2002
5 C. Shelton, P. Koopman, and W. Nace, 'A Framework for Scalable Analysis and Design of System-Wide Graceful degradation in distributed Embedded Systems,' Eighth IEEE International Workshop on Object-oriented Real-time Dependable Systems, pp.156-163, Jan., 2003
6 J. Knight, et al, 'The Willow Architecture: Comprehensive Survivability for Large-Scale Distributed Applications,' submitted to: The International Conference on Dependable Systems and Networks, June, 2002
7 J. Knight, K. Strunk, and K. Sullivan, 'Towards a Rigorous Definition of Information System Survivability,' Pro- ceedings of the DARPA Information Conference and Exposition, pp.78-89, April, 2003
8 F. Wang, et aI., 'SITAR: A Scalable Intrusion-Tolerant Architecture for Distributed Services,' Proceedings of the Foundations of Intrusion Tolerant Systems, pp.359-367, 2003
9 D. Wang, B. Madan, and K. Trivedi, 'Security Analysis of SITAR Intrusion Tolerance System,' Proceedings of the ACM Workshop on Survivable and Self-Regenerative Systems, pp.23-32, Oct., 2003   DOI
10 J. Reynolds, et al., 'On-line Intrusion Detection Attack Prevention Using Diversity Generate-and-Test, and Generali- zation,' Proceedings of the 36th Annual Hawaii International Conferences on System Sciences, pp.335-342, Jan., 2003   DOI
11 K. Goseva-Popstojanova, et al., 'Characterizing Intrusion Tolerant Systems using a State Transition Model,' DARFA Information Survivability Conference and exhibition, Vol.2, pp.211-221, June, 2001   DOI
12 R. Ellison, et al., 'Survivable Network Systems: An Emerging Discipline,' Proceedings of the 11th Canadian Information Technology Security Sysposium, May, 1999
13 V. Westmark, 'A Definition for Information System Survivability,' Proceedings of the 37th Annual Hawaii International Conferences on System Sciences, Vol.9, No.9, pp.90303a, Jan., 2004   DOI
14 P. Koopman, 'Elements of the Self-Healing System Problem Space,' Workshop on Architecting Dependable Systems, pp.31-36, May, 2003
15 D. Chess, C. Palmer, and S. White, 'Security in an Autonomic Computing Environment,' IBM Systems Journal, Vol.42, No.1, pp.107-118, 2003   DOI
16 F. Wang, R. Uppalli, and C. Killian, 'Analysis of Techniques for Building Intrusion Tolerant Server Systems,' Pro- ceedings of Military Communications Conference, pp.729-734, Oct., 2003   DOI
17 A. Avizienis, J. Laprie, and B. Randell, 'Fundamental concepts of dependability,' 3rd Information Survivability Workshop, pp.7-12, Oct., 2000