An architecture for adaptive intrusion‐tolerant applications

Pal, Partha; Rubel, P.; Atighetchi, Michael; Webber, Franklin; Sanders, William H.; Seri, Mouna; Ramasamy, HariGovind V.; Lyons, James; Courtney, T.; Agbaria, Adnan; Cukier, Michel; Gossett, J.; Keidar, Idit

doi:10.1002/spe.747

Cited by 16 publications

(3 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The managed execution environment also offers multiple modes of mounting such adaptations-proactively as a pre-emptive action, or reactively as a response to observed events. Complementing our prior work in dynamic adaptation for defense involving port hopping [1] or unpredictable replica re-placement [2], the A3 managed execution environment introduces new opportunities to make the protected application a moving target over a larger part of the lifecycle of the deployed application. An attacker's foothold or accumulated privilege in a given container can be alleviated by redirecting the mediated I/O to another container started with a check pointed state.…”

Section: Introductionmentioning

confidence: 99%

Moving target defense (MTD) in an adaptive execution environment

Paulos¹,

Pal²,

Schantz³

et al. 2013

Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

View full text Add to dashboard Cite

This paper describes how adaptation support facilitated by an execution environment can be used to implement moving target defenses (MTD). Reactive and proactive use of adaptation, although beneficial for cyber defense, comes with additional cost, and therefore needs to be employed selectively. We also describe the pros and cons of using reactive and proactive adaptation for MTD for a representative sample of adaptations supported by an execution environment that we are developing.

show abstract

Section: Introductionmentioning

confidence: 99%

Moving target defense (MTD) in an adaptive execution environment

Paulos¹,

Pal²,

Schantz³

et al. 2013

Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

View full text Add to dashboard Cite

show abstract

“…ITSs are concerned more with the effects of attacks on the target system than the causes of the attacks because they mainly support the availabilities and do not detect or prevent attacks. ITS architectures are classified into four categories [1]: detection triggered [2]- [4], algorithm driven [5], [6], recovery based [7]- [20], and hybrid [21]. This study focuses on recovery-based methods because the other types of ITSs employ intrusion detection methods and the aim was to build ITSs to cope with situations where the intrusion cannot be detected.…”

Section: Introductionmentioning

confidence: 99%

A Novel Intrusion Tolerant System Using Live Migration

Shin

Song

Lee

et al. 2014

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

SUMMARYThis letter proposes a novel intrusion tolerant system consisting of several virtual machines (VMs) that refresh the target system periodically and by live migration, which monitors the many features of the VMs to identify and replace exhausted VMs. The proposed scheme provides adequate performance and dependability against denial of service (DoS) attacks. To show its efficiency and security, we conduct experiments on the CSIM20 simulator, which showed 22% improvement in a normal situation and approximately 77.83% improvement in heavy traffic in terms of the response time compared to that reported in the literature. We measure and compare the response time. The result show that the proposed scheme has shorter response time and maintains than other systems and supports services during the heavy traffic. key words: intrusion tolerant system (ITS), proactive & reactive recovery, live migration, denial of service (DoS)

show abstract

“…agility techniques (King 2011), and called for assessment methodologies to be developed. Raytheon has been working in the area of cyber resilient architectures since the DARPA Intrusion Tolerance by Unpredictability and Adaptation (ITUA) program described in (Pal 2006). MITRE documented general processes and recommendations for improving cyber resilience of architectures in (Bodeau 2013).…”

mentioning

confidence: 99%