On the Resilience of the Dependability Framework to the Intrusion of New Security Threats
B. Randell has been instrumental, with others, in the definition of the dependability framework. Initially conceived with a strong emphasis on accidental faults, the framework has paid more attention over the years to intentional ones and, thus, to classical security concepts as well. Recently, a couple of incidents have received a lot of attention: the Hydraq and Stuxnet worm outbreaks. They have been used to highlight what is being presented as a new and growing security concern, namely the so-called advanced persistent threats (a.k.a. APTs). In this paper, we analyse how resilient the historical dependability framework can be with respect to these sudden changes in the threat landscape. We do this by offering a very brief summary of the concepts of interest for this discussion. Then we look into the Hydraq and Stuxnet incidents to identify their novel characteristics. We use these recent cases to figure out if the existing taxonomy is adequate to reason about these new threats. We eventually conclude this chapter by proposing some future avenues for research in that space.
Keywords: dependability, resilience, security, intrusion detection, fault tolerance, attack, vulnerability, advanced persistent threat