Formal Analysis and Improvement of the State Transition Model for Intrusion Tolerant System

  • Kaile Su
  • Congxin Zhao
  • Guanfeng Lv
  • Han Lin
  • Qingliang Chen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3828)


Intrusion tolerance is an emerging network security technique, which enables the victim server systems to continue offering services (or degraded services) after being attacked. A state transition model has been presented to describe the dynamic behaviors of intrusion tolerant systems. In this paper, we build an attack finite state system based on the recent network attacks, and use SMV, a model checking tool, to analyze the intrusion tolerant systems by the interaction of the system model and the attack model. The analysis results demonstrate that not all types of attacks can be mapped to the system model. We improve this state transition model, whose correctness is proved by SMV. In addition, we give two attack instances mapped to our improved model.


Model Check; Temporal Logic; Computation Tree Logic; State Transition Diagram; Symbolic Model Check
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Kaile Su (1, 2)
  • Congxin Zhao (1)
  • Guanfeng Lv (3)
  • Han Lin (1)
  • Qingliang Chen (1)

  1. Department of Computer Science, Sun Yat-sen University, Guangzhou, P.R. China
  2. Institute for Integrated and Intelligent Systems, Griffith University, Brisbane, Australia
  3. College of Computer Science, Beijing University of Technology, Beijing, P.R. China
