A novel approach to building intrusion tolerant systems

Wenbing Zhao

A novel approach to building intrusion tolerant systems

Wenbing Zhao

Electrical and Computer Engineering

Cleveland State University

Research output: Contribution to journal › Article › peer-review

2 Scopus citations

Abstract

A novel approach of structuring mission-critical systems with an emphasis on intrusion tolerance is described. Key components in the proposed system include traffic regulation, application request processing, state protection, integrity checking, and process/node health monitoring. In particular, the separation of execution and state management enables the use of a single process to manage application requests, thereby reducing run-time overhead and enables highly concurrent executions. Furthermore, intrusion attacks are mitigated by two means: (1) append-only state logging so that a compromised execution node cannot corrupt state updates from other nodes; and (2) acceptance testing as a way to verify the integrity of the execution of application requests. When an attack is detected, the malformed requests that materialized the attack are quarantined, and such requests (current and future ones) are rejected. © RAMS Consultants.Printed in India.

Original language	English
Pages (from-to)	123-132
Number of pages	10
Journal	International Journal of Performability Engineering
Volume	10
Issue number	2
State	Published - Jan 1 2014

Keywords

Acceptance test
Fault and intrusion tolerance
Logging and checkpointing
Replication

Cite this

@article{6b5824c8c36846bd89b81439b0e5bd7f,

title = "A novel approach to building intrusion tolerant systems",

abstract = "A novel approach of structuring mission-critical systems with an emphasis on intrusion tolerance is described. Key components in the proposed system include traffic regulation, application request processing, state protection, integrity checking, and process/node health monitoring. In particular, the separation of execution and state management enables the use of a single process to manage application requests, thereby reducing run-time overhead and enables highly concurrent executions. Furthermore, intrusion attacks are mitigated by two means: (1) append-only state logging so that a compromised execution node cannot corrupt state updates from other nodes; and (2) acceptance testing as a way to verify the integrity of the execution of application requests. When an attack is detected, the malformed requests that materialized the attack are quarantined, and such requests (current and future ones) are rejected. {\textcopyright} RAMS Consultants.Printed in India.",

keywords = "Acceptance test, Fault and intrusion tolerance, Logging and checkpointing, Replication",

author = "Wenbing Zhao",

year = "2014",

month = jan,

day = "1",

language = "English",

volume = "10",

pages = "123--132",

journal = "International Journal of Performability Engineering",

issn = "0973-1318",

publisher = "RAMS Consultants",

number = "2",

}

TY - JOUR

T1 - A novel approach to building intrusion tolerant systems

AU - Zhao, Wenbing

PY - 2014/1/1

Y1 - 2014/1/1

N2 - A novel approach of structuring mission-critical systems with an emphasis on intrusion tolerance is described. Key components in the proposed system include traffic regulation, application request processing, state protection, integrity checking, and process/node health monitoring. In particular, the separation of execution and state management enables the use of a single process to manage application requests, thereby reducing run-time overhead and enables highly concurrent executions. Furthermore, intrusion attacks are mitigated by two means: (1) append-only state logging so that a compromised execution node cannot corrupt state updates from other nodes; and (2) acceptance testing as a way to verify the integrity of the execution of application requests. When an attack is detected, the malformed requests that materialized the attack are quarantined, and such requests (current and future ones) are rejected. © RAMS Consultants.Printed in India.

AB - A novel approach of structuring mission-critical systems with an emphasis on intrusion tolerance is described. Key components in the proposed system include traffic regulation, application request processing, state protection, integrity checking, and process/node health monitoring. In particular, the separation of execution and state management enables the use of a single process to manage application requests, thereby reducing run-time overhead and enables highly concurrent executions. Furthermore, intrusion attacks are mitigated by two means: (1) append-only state logging so that a compromised execution node cannot corrupt state updates from other nodes; and (2) acceptance testing as a way to verify the integrity of the execution of application requests. When an attack is detected, the malformed requests that materialized the attack are quarantined, and such requests (current and future ones) are rejected. © RAMS Consultants.Printed in India.

KW - Acceptance test

KW - Fault and intrusion tolerance

KW - Logging and checkpointing

KW - Replication

UR - https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=84898069042&origin=inward

UR - https://www.scopus.com/inward/citedby.uri?partnerID=HzOxMe3b&scp=84898069042&origin=inward

M3 - Article

SN - 0973-1318

VL - 10

SP - 123

EP - 132

JO - International Journal of Performability Engineering

JF - International Journal of Performability Engineering

IS - 2

ER -

A novel approach to building intrusion tolerant systems

Abstract

Keywords

Other files and links

Cite this