Defensive execution of transactional processes against attacks

Abstract

It is a well known problem that the attack recovery of a self-healing system rolls back not only malicious transactions, but also legitimate transactions that are dependent on the malicious transactions. Rolling back and re-executing damaged transactions increase the response time of the system and may cause a significant processing delay. In such situations, the availability of the system is compromised and the system suffers the vulnerability of denial of service (DoS). In this paper, we propose a defensive executing technique and analyze its effectiveness. Our technique concurrently executes multiple paths of a transactional processes based on the prediction generated by a discrete time Markov chain. The defensive execution can reduce the delay caused by recovery. We also propose a branch cutting technique to reduce the extra cost introduced by defensive execution. Our analytical results show that our technique is practical against transactional level attacks