Dependability and Performance Evaluation of Intrusion-Tolerant Server Architectures

Gupta, Vishu; Lam, Vinh Vi; Ramasamy, HariGovind V.; Sanders, William H.; Singh, Sankalp

doi:10.1007/978-3-540-45214-0_9

Cited by 31 publications

(21 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Research projects studied distributed systems using diverse products for intrusion tolerance (e.g. Cactus [9], HACQIT [10] and MAFTIA projects (tinyurl.com/ydazvy8u)), but little research exists on how to choose diverse defences (some examples in [8], [11][12]). An extensive survey on evaluation of IDSs is presented in [13].…”

Section: Related Workmentioning

confidence: 99%

Diversity with intrusion detection systems: An empirical study

Algaith

Elia

Gashi

et al. 2017

2017 IEEE 16th International Symposium on Network Computing and Applications (NCA)

View full text Add to dashboard Cite

Abstract-Defence-in-depth is a term often used in security literature to denote architectures in which multiple security protection systems are deployed to defend the valuable assets of an organization (e.g. the data and the services). In this paper we present an approach for analysing defence-in-depth, and illustrate the use of the approach with an empirical study in which we have assessed the detection capabilities of intrusion detection systems when deployed in diverse, two-version, parallel defence-in-depth configurations. The configurations have been assessed in settings that favour detection of attacks (reducing false negatives), as well as settings that favour legitimate traffic (reducing false positives).

show abstract

Section: Related Workmentioning

confidence: 99%

Diversity with intrusion detection systems: An empirical study

Algaith

Elia

Gashi

et al. 2017

2017 IEEE 16th International Symposium on Network Computing and Applications (NCA)

View full text Add to dashboard Cite

show abstract

“…One of the major issues in the design of modern computing systems is trading dependability aspects with the expected quality of service [16,10,15]. A balanced tradeoff is particularly hard to accomplish when the dependability aspect of interest is security and the system under analysis requires the interaction of several, possibly untrusted components performing their activities in wide-area, public networks.…”

Section: Trading Security With Performancementioning

confidence: 99%

Weak Behavioral Equivalences for Verifying Secure and Performance-Aware Component-Based Systems

Aldini

Bernardo

2009

Architecting Dependable Systems VI

View full text Add to dashboard Cite

Abstract. Component-based systems are characterized by several orthogonal requirements, ranging from security to quality of service, which may demand for the use of opposite strategies and interfering mechanisms. To achieve a balanced tradeoff among these aspects, we have previously proposed the use of a predictive methodology, which encompasses classical tools such as the noninterference approach to security analysis and standard performance evaluation techniques. The former tool, which is based on equivalence checking, is used to reveal functional dependencies among component behaviors, while the latter tool, which relies on reward-based numerical analysis, is used to study the quantitative impact of these dependencies on the system performance. In order to strengthen the relation between these two different analysis techniques we advocate the use of performance-aware notions of behavioral equivalence as a formal means for detecting functional and performance dependencies and then pinpointing the metrics at the base of a balanced tradeoff. Trading Security with PerformanceOne of the major issues in the design of modern computing systems is trading dependability aspects with the expected quality of service [16,10,15]. A balanced tradeoff is particularly hard to accomplish when the dependability aspect of interest is security and the system under analysis requires the interaction of several, possibly untrusted components performing their activities in wide-area, public networks. As an example, it is commonly recognized that lightweight securing infrastructures like those employed for access control in the setting of the IEEE 802.11 standard for wireless local area networks [26] are able to mitigate the impact of the securing mechanisms on quality of service parameters, such as system throughput and response time, still preserving to a specific extent the properties for which they are introduced.Examples such as this emphasize the importance of integrating the different qualitative and quantitative views of a system in order to understand whether a reasonable balance can be achieved between the satisfaction of security requirements and the expected quality of service. However, foundational approaches to the analysis of secure and performance-aware systems have not successfully

show abstract

“…Singh et al [16] have used probabilistic modeling to validate an intrusion-tolerant system, emphasizing the effects of intrusions on the system behavior and the ability of the intrusion-tolerant mechanisms to handle those effects, while using very simple assumptions about the discovery and exploitation of vulnerabilities by the attackers to achieve those intrusions. Gupta et al [7] have used a similar approach to evaluate the security and performance of several intrusion-tolerant server architectures.…”

Section: Introductionmentioning

confidence: 99%

Model-based validation of an intrusion-tolerant information system

Stevens

Courtney

Singh

et al. 2004

Proceedings of the 23rd IEEE International Symposium on Reliable Distributed Systems, 2004.

View full text Add to dashboard Cite

An increasing number of computer systems are designed to be distributed across both local and wide-area networks, performing a multitude of critical information-sharing and computational tasks. Malicious attacks on such systems are a growing concern, where attackers typically seek to degrade quality of service by intrusions that exploit vulnerabilities in networks, operating systems, and application software. Accordingly, designers are seeking improved techniques for validating such systems with respect to specified survivability requirements. In this regard, we describe a model-based validation effort that was undertaken as part of a unified approach to validating a networked intrusiontolerant information system. Model-based results were used to guide the system's design as well as to determine whether a given survivability requirement was satisfied.

show abstract

Dependability and Performance Evaluation of Intrusion-Tolerant Server Architectures

Cited by 31 publications

References 5 publications

Diversity with intrusion detection systems: An empirical study

Diversity with intrusion detection systems: An empirical study

Weak Behavioral Equivalences for Verifying Secure and Performance-Aware Component-Based Systems

Model-based validation of an intrusion-tolerant information system

Contact Info

Product

Resources

About