James C. Reynolds, J. Just, E. Lawson, L. Clough, R. Maglich, K. Levitt
{"title":"一个入侵容忍系统的设计与实现","authors":"James C. Reynolds, J. Just, E. Lawson, L. Clough, R. Maglich, K. Levitt","doi":"10.1109/DSN.2002.1028912","DOIUrl":null,"url":null,"abstract":"We describe the implementation of an intrusion tolerant system for providing Internet services to known users through secure connections. Network attacks are treated as maliciously devised conditions to exploit design, implementation, or configuration faults, intrusions (successful attacks) are treated as failures, and their effects are mitigated by using the three pillars of fault tolerance: detection, isolation, and recovery. Fundamental to our approach is the use of diverse process pairs, which provides partial solutions to detection and isolation problems. The architecture uses the comparison of outputs from diverse applications to provide a significant and novel intrusion detection capability. The diverse applications also strengthen isolation by forcing attacks to exploit independent vulnerabilities. The isolation of intrusions is mainly achieved with an out-of-band control system. The control system not only provides separation between the primary and backup system, it also initiates attack diagnosis, attack blocking, and recovery, which is accelerated by on-line repair.","PeriodicalId":93807,"journal":{"name":"Proceedings. International Conference on Dependable Systems and Networks","volume":"30 1","pages":"285-290"},"PeriodicalIF":0.0000,"publicationDate":"2002-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"70","resultStr":"{\"title\":\"The design and implementation of an intrusion tolerant system\",\"authors\":\"James C. Reynolds, J. Just, E. Lawson, L. Clough, R. Maglich, K. Levitt\",\"doi\":\"10.1109/DSN.2002.1028912\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We describe the implementation of an intrusion tolerant system for providing Internet services to known users through secure connections. Network attacks are treated as maliciously devised conditions to exploit design, implementation, or configuration faults, intrusions (successful attacks) are treated as failures, and their effects are mitigated by using the three pillars of fault tolerance: detection, isolation, and recovery. Fundamental to our approach is the use of diverse process pairs, which provides partial solutions to detection and isolation problems. The architecture uses the comparison of outputs from diverse applications to provide a significant and novel intrusion detection capability. The diverse applications also strengthen isolation by forcing attacks to exploit independent vulnerabilities. The isolation of intrusions is mainly achieved with an out-of-band control system. The control system not only provides separation between the primary and backup system, it also initiates attack diagnosis, attack blocking, and recovery, which is accelerated by on-line repair.\",\"PeriodicalId\":93807,\"journal\":{\"name\":\"Proceedings. International Conference on Dependable Systems and Networks\",\"volume\":\"30 1\",\"pages\":\"285-290\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2002-06-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"70\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. International Conference on Dependable Systems and Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DSN.2002.1028912\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. International Conference on Dependable Systems and Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSN.2002.1028912","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The design and implementation of an intrusion tolerant system
We describe the implementation of an intrusion tolerant system for providing Internet services to known users through secure connections. Network attacks are treated as maliciously devised conditions to exploit design, implementation, or configuration faults, intrusions (successful attacks) are treated as failures, and their effects are mitigated by using the three pillars of fault tolerance: detection, isolation, and recovery. Fundamental to our approach is the use of diverse process pairs, which provides partial solutions to detection and isolation problems. The architecture uses the comparison of outputs from diverse applications to provide a significant and novel intrusion detection capability. The diverse applications also strengthen isolation by forcing attacks to exploit independent vulnerabilities. The isolation of intrusions is mainly achieved with an out-of-band control system. The control system not only provides separation between the primary and backup system, it also initiates attack diagnosis, attack blocking, and recovery, which is accelerated by on-line repair.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
