Abstract
Nowadays, as many information systems are connected to Internet and provide useful services to people through Internet, this openness makes the systems as targets of attackers. Even though conventional security solutions such as intrusion detection system (IDS) or firewall were designed to protect such attacks, it is impossible to block all the attacks. The researches on intrusion tolerant system (ITS) have been conducted in order to keep the proper services in the threatening environments. In this paper, we propose a novel Adaptive Recovery Scheme (ARS) which can be applied to intrusion tolerant architecture. ARS has proactive recovery scheme and reactive recovery scheme including self-recovery and emergency recovery. ARS selects appropriate recovery scheme according to internal and external factors to maintain required security and performance level. Additionally, ARS protects an integrity of critical files through snapshot technology. The performance of ARS is compared with existing recovery-based intrusion tolerant system by CSIM 20.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Wang F, Gong F, Sargor C, Goseva K, Trivedi K, Jou F (2001) Scalable intrusion tolerance architecture for distributed server. In Proceedings of the second IEEE SMC information assurance workshop, 2001
Huang Y, Sood A (2002) Self-cleansing systems for intrusion containment. In: Proceedings of workshop on self-healing, adaptive, and self-managed systems (SHAMAN), 2002
Arsenault D, Sood A, Huang Y (2007) Secure, resilient computing clusters: self-cleansing intrusion tolerance with hardware enforced security (SCIT/HES). In: Proceedings of the second international conference on availability, reliability and security (ARES 2007), 2007
Sousa P, Bessani AN, Correia M, Neves NF, Ver′ıssimo P (2010) Highly available intrusion-tolerant services with proactive-reactive recovery. IEEE Trans Parallel Distrib Syst 21(4):452–465
Schwetman H (2001) CSIM19: a powerful tool for building system models. In Proceedings of the 2001 winter simulation conference, pp 250–255
Saidane A, Nicomette V, Deswarte Y (2008) The design of a generic intrusion tolerant architecture for internet servers. IEEE Trans Dependable Secure Comput, 2008
Just JE, Reynolds JC (2001) HACQIT (Hierarchical adaptive control of QoS for intrusion tolerance). In: Proceedings of the 17th annual computer security applications conference, 2001
Chong J, Pal P, Atighetchi M, Rubel P, Webber F (2005) Survivability architecture of a mission critical system: the DPASA example. In: Proceedings of the 21st annual computer security applications conference, pp 495–504
Acknowledgments
This research was supported by the MKE (The Ministry of Knowledge Economy), Korea, under the CYBER SECURITY RESEARCH CENTER supervised by the NIPA (National IT Industry Promotion Agency), NIPA-H0701-12-1001.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer Science+Business Media Dordrecht
About this paper
Cite this paper
Heo, S., Lim, J., Lee, M., Lee, S., Yoon, H. (2013). A Novel Intrusion Tolerant System Based on Adaptive Recovery Scheme (ARS). In: Kim, K., Chung, KY. (eds) IT Convergence and Security 2012. Lecture Notes in Electrical Engineering, vol 215. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-5860-5_9
Download citation
DOI: https://doi.org/10.1007/978-94-007-5860-5_9
Published:
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-5859-9
Online ISBN: 978-94-007-5860-5
eBook Packages: EngineeringEngineering (R0)