Welcome To WUJNS
武汉大学学报 英文版 | Wuhan University Journal of Natural Sciences
Wan Fang
CNKI
CSCD
Wuhan University
Latest Article
Quantitative Analysis of Multi-Recovery-Based Intrusion Tolerance Model
Time:2018-5-25  
HUANG Jianhua, LI Fanchao , CHEN Liangjie
School of Information Science and Engineering, East China University of Science and Technology, Shanghai 200237, China
Abstract:
 Quantitative analysis has always been a difficult problem in security analysis of intrusion tolerance systems. An intrusion tolerance model based on multiple recovery mechanisms is introduced in this paper and how to quantify the security attributes of the model is proposed. A state transition model with recovery states more accurately describes the dynamic behavior of the system. Considering that recovery mechanisms have a great impact on the security performance of the system, we set up the cost models corresponding to different recovery mechanisms. We propose a feasible security measure based on mean cost to security failure in order to evaluate the system cost during the recovery phase. The experimental results confirmed the feasibility of the proposed methods.
Key words:intrusion tolerance; quantitative analysis; semi- Markov model; cost
CLC number:TP 309
References:
[1]	Fraga J, Powell D. A fault and intrusion-tolerant file sys-tem[C]// Computer Security: The Practical Issues in a Troubled World. Proceedings of the Third IFIP International Conference on Computer Security. Amsterdam: North-Holland, 1985: 203-218.
[2]	Wang F, Upppalli R. SITAR: A scalable intrusion-tolerant architecture for distributed services [C] // Darpa Information Survivability Conference & Exposition. Piscataway: IEEE, 2001: 359-367. 
[3]	Huang Y, Arsenault D, Sood A. Incorruptible self-cleansing intrusion tolerance and its application to DNS security[J]. Journal of Networks, 2006, 1(5): 21-30.
[4]	Gosevapopstojanova K, Vaidyanathan K, Trivedi K, et al. Characterizing intrusion tolerant systems using a state transition model[C]// Proc 2001 DARPA Information Survivability Conference, Piscataway: IEEE, 2001: 211-221. 
[5]	Madan B, Eva-Popstojanova K, Vaidyanathan K, et al. A method for modeling and quantifying the security attributes of intrusion tolerant systems[J]. Performance Evaluation, 2004, 56(1): 167-186.
[6]	Aghajani Z, Azgomi M A. Security evaluation of an intru-sion tolerant Web service architecture using stochastic activity networks[C]// International Conference and Workshops on Advances in Information Security and Assurance. Berlin Heidelberg: Springer-Verlag, 2009: 260-269.
[7]	Huang Y, Arsenault D, Sood A. Incorruptible self-cleansing intrusion tolerance and its application to DNS security[J]. Journal of Networks, 2006, 1(5): 21-30.
[8]	Nguyen Q L, Sood A. Quantitative Approach to tuning of a time-based intrusion-tolerant system architecture[C]// 3rd Workshop on Recent Advances in Intrusion Tolerant Systems, Piscataway: IEEE, 2009: 132-139.
[9]	Reiser H P, Kapitza R. Hypervisor-based efficient proactive recovery[C]// IEEE International Symposium on Reliable Distributed Systems. Piscataway: IEEE, 2007:87-93.
[10]	Huang Y, Ghosh A K, Bracewell T, et al. A security evalua-tion of a novel resilient Web serving architecture: Lessons learned through industry/academia collaboration[C]// International Conference on Dependable Systems and Networks Workshops. Piscataway: IEEE, 2010: 188-193.
[11]	Nguyen Q L, Sood A. Designing SCIT architecture pattern in a cloud-based environment[C]// International Conference on Dependable Systems and Networks Workshops. Piscataway: IEEE, 2011: 123-128.
[12]	Sousa P, Bessani A N, Correia M, et al. Resilient intrusion tolerance through proactive and reactive recovery [C] // Pacific Rim International Symposium on Dependable Computing. Piscataway: IEEE, 2007: 373-380.
[13]	Mir I E, Dong S K, Haqiq A. Security modeling and analysis of a self-cleansing intrusion tolerance technique[C]// Inter-national Conference on Information Assurance and Security. Piscataway: IEEE, 2016: 111-117.
[14]	Ouffoue G, Ortiz A M, Cavalli A R, et al. Intrusion detection and attack tolerance for cloud environments: The CLARUS approach[C]// IEEE, International Conference on Distributed Computing Systems Workshops. Piscataway: IEEE, 2016: 61-66.
[15]	Chatti S, Ounelli H. An intrusion tolerance scheme for a cloud of databases environment[C]// International Confer-ence on Network-Based Information Systems. Piscataway: IEEE, 2016:474-479.
[16]	Zheng J, Okamura H, Dohi T. Mean time to security failure of VM-based intrusion tolerant systems[C]// IEEE, International Conference on Distributed Computing Systems Workshops. Piscataway: IEEE, 2016:128-133.
[17]	Hamadi R, Benatallah B. A Petri net-based model for web service composition[C]// Australasian Database Conference. Australian Computer Society. Sydney: ACM, 2003:191-200.
[18]	Sanders W H, Meyer J F. Stochastic activity networks: Formal definitions and concepts[C]// School organized by the European Educational Forum. Berlin Heidelberg: Springer- Verlag, 2000: 315-343.
[19]	Huang J H, Yang T Y. A method for quantifying the security of intrusion tolerant system[C]// Computer Network and Multimedia Technology. Piscataway: IEEE, 2009: 187-192.
[20]	Huang J H, Gan H S. Quantitative approach to dynamic security of intrusion tolerant systems[J]. Journal of Computer Applications, 2011, 31(1):123-126(Ch).
[21]	Nagarajan A, Sood A. SCIT and IDS architectures for re-duced data ex-filtration[C] // Dependable Systems and Networks. Piscataway: IEEE, 2010: 164-169.
Welcome To WUJNS

HOME | Aim and Scope | Editoral Board | Current Issue | Back Issue | Subscribe | Crosscheck | Polishing | Contact us Copyright © 1997-2018 All right reserved