Abstract
The notion of proactive security of basic primitives and cryptosystems was introduced in order to tolerate a very strong “mobile adversary” [1][2][3][4]. However, even when proactive maintenance is employed, it is hard to detect viruses that are skillfully developed and lie latent in the memory of servers. We introduce a new type of virus attack, called the latent virus attack, in which viruses reside in the intruded servers and wait for the chance to collude with each other and intrude on more than the threshold number of servers.
The main subject of this paper is to analyze the resilience of proactive systems against latent virus attacks and to present how to enhance security against such attacks.
First, we estimate the robustness of proactivized systems against this attack by probabilistic analysis. We show that if the virus detection rate is higher than a certain threshold, proactive maintenance can make the system robust, whereas if it is below the threshold, the failure probability of the system depends only on the virus infection rate.
To enhance resilience against such virus attacks, we propose the notion of active rebooting, in which the system performs the reboot procedure on a predetermined number of servers regardless of whether those servers are infected. We estimate the security of proactive maintenance with active rebooting by extending the probabilistic model of proactive maintenance. We show that active rebooting not only enhances security against viruses with a higher infection rate, but also makes the system robust even when the detection rate is low. Moreover, we show that it is effective even when the number of servers forced to reboot in every update phase is comparatively small.
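The effect described above can be explored with a small exact Markov-chain calculation. This is an added illustration, not the paper's model or code: the per-phase order (infection, then detection, then active reboot of `k` randomly chosen servers) and all parameter names are assumptions made here.

```python
from math import comb

def binom_pmf(n, k, p):
    """P(exactly k successes in n independent trials of probability p)."""
    return comb(n, k) * p**k * (1 - p)**(n - k)

def hyper_pmf(n, infected, draws, h):
    """P(h infected servers among `draws` picked uniformly from n servers)."""
    return comb(infected, h) * comb(n - infected, draws - h) / comb(n, draws)

def failure_probability(n, t, p, d, k, phases):
    """Probability that more than t of n servers are infected at once
    within `phases` update phases (assumed model, see lead-in).
    p: per-phase infection rate of a clean server
    d: per-phase detection rate of an infected server (detected => rebooted)
    k: servers actively rebooted each phase regardless of their status
    """
    state = [0.0] * (t + 1)   # state[i] = P(i latent infections, system alive)
    state[0] = 1.0
    failed = 0.0
    for _ in range(phases):
        nxt = [0.0] * (t + 1)
        for i, p_i in enumerate(state):
            if p_i == 0.0:
                continue
            for new in range(n - i + 1):            # new infections this phase
                p_inf = p_i * binom_pmf(n - i, new, p)
                m = i + new
                if m > t:                           # latent viruses collude
                    failed += p_inf
                    continue
                for r in range(m + 1):              # r infections evade detection
                    p_det = p_inf * binom_pmf(m, r, 1 - d)
                    for h in range(min(r, k) + 1):  # h wiped by active reboot
                        nxt[r - h] += p_det * hyper_pmf(n, r, k, h)
        state = nxt
    return failed

if __name__ == "__main__":
    # Constructed parameters: 5 servers, threshold 2, weak detection (d = 0.2).
    for k in (0, 1, 2):
        print(k, failure_probability(5, 2, 0.1, 0.2, k, 50))
```

With a low detection rate, raising `k` from 0 to a small value lowers the failure probability in this toy model, which is the qualitative behaviour the abstract claims for active rebooting.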
This work was performed as part of the Research for the Future Program (RFTF) supported by the Japan Society for the Promotion of Science (JSPS) under contract no. JSPS-RFTF 96P00604.
References
[1] R. Ostrovsky and M. Yung. How to withstand mobile virus attacks. In Proc. of PODC’91, pages 51–59, 1991.
[2] A. Herzberg, S. Jarecki, H. Krawczyk, and M. Yung. Proactive secret sharing, or: How to cope with perpetual leakage. In Proc. of CRYPTO’95, pages 339–352, 1995.
[3] A. Herzberg, M. Jakobsson, S. Jarecki, and H. Krawczyk. Proactive public key and signature systems. In Proc. of The 4-th ACM Symposium on Computer and Communication Security’97, April 1997.
[4] Y. Frankel, P. Gemmell, P. Mackenzie, and M. Yung. Proactive RSA. In Proc. of CRYPTO’97, pages 440–454, 1997.
[5] A. Shamir. How to share a secret. Comm. of ACM, 22:612–613, 1979.
[6] Y. Desmedt. Threshold cryptosystem. European Transactions on Telecommunications, 5(4):449–457, 1994.
[7] P. S. Gemmell. An introduction to threshold cryptography. CryptoBytes, 2(3):7–12, 1997.
[8] Y. Frankel and M. Yung. Distributed public key cryptography. In Proc. of PKC’98, pages 1–13, 1998.
[9] R. Canetti, R. Gennaro, A. Herzberg, and D. Naor. Proactive security: Long-term protection against break-ins. CryptoBytes, 3(1):1–8, 1997.
[10] P. Feldman. A practical scheme for non-interactive verifiable secret sharing. In Proc. of FOCS’87, pages 427–437, 1987.
[11] T. P. Pedersen. Non-interactive and information-theoretic secure verifiable secret sharing. In Proc. of CRYPTO’91, pages 129–140, 1991.
[12] F. Cohen. Computer viruses, theory and experiments. Computers & Security, 6:22–35, 1987.
[13] Y. Sengoku, E. Okamoto, M. Mambo, and T. Uematsu. Analysis of infection and distinction of computer viruses in computer networks. In Proc. of International Symposium on Information Theory and Its Applications (ISITA’96), pages 163–166, 1996.
[14] J. Kephart and S. White. Directed-graph epidemiological models of computer viruses. In Proc. of IEEE Symposium on Security and Privacy, pages 343–359, 1991.
[15] A. De Santis, Y. Desmedt, Y. Frankel, and M. Yung. How to share a function securely. In Proc. of STOC’94, pages 522–533, 1994.
[16] R. L. Rivest, A. Shamir, and D. A. Wagner. Time-lock puzzles and timed-release crypto. In Manuscript at http://theory.lcs.mit.edu/~rivest/.
[17] G. D. Crescenzo, R. Ostrovsky, and S. Rajagopalan. Conditional oblivious transfer and timed-release encryption. In Proc. of Eurocrypt’99, pages 74–89, 1999.
[18] L. Adleman. Abstract theory of computer viruses. In Proc. of CRYPTO’88, pages 354–374, 1988.
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Watanabe, Y., Imai, H. (1999). Active Rebooting Method for Proactivized System: How to Enhance the Security against Latent Virus Attacks. In: Information Security. ISW 1999. Lecture Notes in Computer Science, vol 1729. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47790-X_11
DOI: https://doi.org/10.1007/3-540-47790-X_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66695-0
Online ISBN: 978-3-540-47790-7
eBook Packages: Springer Book Archive