This paper proposes a hierarchy of three Byzantine-resistant protocols aimed to be used in practical distributed systems: multi-valued consensus, vector consensus and atomic broadcast. These protocols are designed as successive transformations from one to another. The first protocol, multi-valued consensus, is implemented on top of a randomized binary consensus. The protocols share a set of important structural properties. Firstly, they do not use signatures obtained with public-key cryptography, a well-known performance bottleneck in this kind of protocols. Secondly, they are time-free, i.e., they make no synchrony assumptions, since these assumptions are often vulnerable to subtle but effective attacks. Thirdly, they have no leaders, thus avoiding the cost of detecting corrupt processes. Fourthly, they have optimal resilience, i.e., they tolerate f = ⌊(n−1)/3⌋ out of a total of n processes. The multi-valued consensus protocol terminates in a constant expected number of rounds, while the vector consensus and atomic broadcast protocols have time complexities O(f).
* This work was partially supported by the FCT through project POSI/CHS/39815/2001 (COPE) and the Large-Scale Informatic Systems Laboratory (LASIGE).
1 We follow the recent literature that uses interchangeably the terms 'Byzantine faults' and 'intrusions', or 'Byzantine-resistant' and 'intrusion-tolerant'. However, papers like [25, 21] consider accidental Byzantine faults, which are different from malicious Byzantine faults, i.e., intrusions. These latter faults should not be assumed to happen independently.
Abstract: Montado decline has been reported since the end of the nineteenth century in southern Portugal and increased markedly during the 1980s. Consensual reports in the literature suggest that this decline is due to a number of factors, such as environmental constraints, forest diseases, inappropriate management, and socioeconomic issues. An assessment on the pattern of montado distribution was conducted to reveal how the extent of land management, environmental variables, and spatial factors contributed to montado area loss in southern Portugal from 1990 to 2006. A total of 14 independent variables, presumably related to montado loss, were grouped into three sets: environmental variables, land management variables, and spatial variables. From 1990 to 2006, approximately 90,054 ha disappeared in the montado area with an estimated annual regression rate of 0.14 % year⁻¹. Variation partitioning showed that the land management model accounted for the highest percentage of explained variance (51.8 %), followed by spatial factors (44.6 %) and environmental factors (35.5 %). These results indicate that most variance in the large-scale distribution of recent montado loss is due to land management, either alone or in combination with environmental and spatial factors. The full GAM model showed that different livestock grazing is one of the most important variables affecting montado loss. This suggests that optimum carrying capacity should decrease to 0.18-0.60 LU ha⁻¹ for livestock grazing in montado under current ecological conditions in southern Portugal. This study also showed that land abandonment, wildfire, and agricultural practices (to promote pastures, crops or fallow lands) were three significant variables influencing montado loss.
Abstract: One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct behavior in the presence of attacks and intrusions. These security gains are directly dependent on the components exhibiting failure diversity. To what extent failure diversity is observed in practical deployment depends on how diverse are the components that constitute the system. In this paper we present a study with operating systems (OS) vulnerability data from the NIST National Vulnerability Database. We have analyzed the vulnerabilities of 11 different OSes over a period of roughly 15 years, to check how many of these vulnerabilities occur in more than one OS. We found this number to be low for several combinations of OSes. Hence, our analysis provides a strong indication that building a system with diverse OSes may be a useful technique to improve its intrusion tolerance capabilities.
Although a large research effort on web application security has been going on for more than a decade, the security of web applications continues to be a challenging problem. An important part of that problem derives from vulnerable source code, often written in unsafe languages like PHP. Source code static analysis tools are a solution to find vulnerabilities, but they tend to generate false positives, and require considerable effort for programmers to manually fix the code. We explore the use of a combination of methods to discover vulnerabilities in source code with fewer false positives. We combine taint analysis, which finds candidate vulnerabilities, with data mining, to predict the existence of false positives. This approach brings together two approaches that are apparently orthogonal: humans coding the knowledge about vulnerabilities (for taint analysis), joined with the seemingly orthogonal approach of automatically obtaining that knowledge (with machine learning, for data mining). Given this enhanced form of detection, we propose doing automatic code correction by inserting fixes in the source code. Our approach was implemented in the WAP tool, and an experimental evaluation was performed with a large set of PHP applications. Our tool found 388 vulnerabilities in 1.4 million lines of code. Its accuracy and precision were approximately 5% better than PhpMinerII's and 45% better than Pixy's.
She is a member of the Large-Scale Informatics Systems (LaSIGE) Laboratory, and the Navigators research group. She is also an Assistant Professor of the University of Azores, teaching courses of the graduation in Informatics, Computer Networks, and Multimedia. Her research interests are concerned with software security, source code static analysis, data mining and machine learning, and security. More information about her can be found at https://sites.google.com/site/ibemed/.
Nuno Neves is Associate Professor with Habilitation at the Faculty of Sciences of the University of Lisboa. He is also Director of the LaSIGE Lab, and he leads the Navigators group. His main research interests are in security and dependability aspects of distributed systems. Currently, he is principal investigator of the SUPERCLOUD and SEGRID European projects, and he is involved in projects BiobankClouds and Erasmus+ ParIS. His work has been recognized on several occasions, for example with the IBM Scientific Prize, and the William C. Carter award. He is on the editorial board of the International Journal of Critical Computer-Based Systems. More information about him can be found at http://www.di.fc.ul.pt/~nuno.
Miguel Correia is an Associate Professor at Instituto Superior Técnico of the Universidade de Lisboa, and a researcher at INESC-ID, in Lisboa, Portugal. He has been involved in several international and national research projects related to security, including the PCAS, TCLOUDS, ReSIST, MAFTIA, and CRUTIAL European projects. He has more than 100 publications. His main research interests are security, intrusion tolerance, distributed s...
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct behavior in the presence of attacks and intrusions. These security gains are directly dependent on the components exhibiting failure diversity. To what extent failure diversity is observed in practical deployment depends on how diverse are the components that constitute the system. In this paper, we present a study with operating system's (OS's) vulnerability data from the NIST National Vulnerability Database (NVD). We have analyzed the vulnerabilities of 11 different OSs over a period of 18 years, to check how many of these vulnerabilities occur in more than one OS. We found this number to be low for several combinations of OSs. Hence, although there are a few caveats on the use of NVD data to support definitive conclusions, our analysis shows that by selecting appropriate OSs, one can preclude (or reduce substantially) common vulnerabilities from occurring in the replicas of the intrusion-tolerant system.
‡ A specific type of bug, regarding security, is usually called a vulnerability. Once a vulnerability is discovered, it can be maliciously exploited. If the exploited vulnerability leads to the software system deviating from its intended requirements or security policy, then the system is deemed to have failed. The system can fail on a single or combination of the following security properties: confidentiality, availability, and integrity. In the rest of this paper, we will use the terms fault and vulnerability interchangeably.
faulty. To satisfy this provision, system components need to exhibit failure diversity, that is, the probability that a majority of components fail at the same time should be negligible (or else the system as a whole will fail). This failure diversity assumption is easier to justify when one is concerned with accidental faults, such as power outages, disk crashes, or message corruption due to noise in communication lines.
However, for design faults of any kind, including security vulnerabilities, the assumption is difficult to guarantee. If multiple components contain the same vulnerabilities, then a single attack can compromise all of them, therefore defeating the aim of intrusion tolerance system in providing improved security.
To reduce the probability of vulnerabilities existing in more than one component, design diversity [3] can be employed: each component uses diverse software to perform the same functions, with the expectation that the differences will reduce the occurrence of common vulnerabilities, that is, vulnerabilities that exist in more than one system. Byzantine fault-tolerant replication often suggest the use of replica diversity (e.g., [4][5][6][7][8][9][10][11][12][13][14]), under the (sometimes implicit) assumption that they exhibit failure diversity. In this work, we want to empirically assess to what extent failure diversity is exhibited in a complex category of OTS software, namely operating systems (OSs).
We focus our study on OS because they are a...