Basic Aspects in Redundancy-Based Intrusion Tolerance

2021 ◽  
pp. 192-202
Author(s):  
Felicita Di Giandomenico ◽  
Giulio Masetti
Keyword(s):  
Intrusion Tolerance

scholarly journals A Markov-Based Intrusion Tolerance Finite Automaton

2021 ◽  
Vol 28 (2) ◽  
pp. 89-100
Keyword(s):  
Network Security ◽  
Markov Model ◽  
Finite Automaton ◽  
Network Services ◽  
Intrusion Tolerance ◽  
Security Strategy ◽  
Automatic Learning ◽  
Learning Mechanism ◽  
Proposed Model ◽  
Tolerance Model

It is inevitable for networks to be invaded during operation. The intrusion tolerance technology comes into being to enable invaded networks to provide the necessary network services. This paper introduces an automatic learning mechanism of the intrusion tolerance system to update network security strategy, and derives an intrusion tolerance finite automaton model from an existing intrusion tolerance model. The proposed model was quantified by the Markov theory to compute the stable probability of each state. The calculated stable probabilities provide the theoretical guidance and basis for administrators to better safeguard network security. Verification results show that it is feasible, effective, and convenient to integrate the Markov model to the intrusion tolerance finite automaton.

Internet Security: An Intrusion-Tolerance Approach

2006 ◽  
Vol 94 (2) ◽  
pp. 432-441 ◽  
Author(s):  
Y. Deswarte ◽  
D. Powell
Keyword(s):  
Internet Security ◽  
Intrusion Tolerance ◽  
Tolerance Approach

Intrusion Tolerance in Information Systems

2011 ◽  
pp. 2239-2243
Author(s):  
Wenbing Zhao
Keyword(s):  
Information Systems ◽  
Software Systems ◽  
Threshold Cryptography ◽  
Software Components ◽  
Intrusion Tolerance ◽  
Confidential Information ◽  
High Expectations ◽  
Intrusion Prevention ◽  
Critical Data ◽  
Commercial Off The Shelf

Today’s information systems are expected to be highly available and trustworthy — that is, they are accessible at any time a user wants to, they always provide correct services, and they never reveal confidential information to an unauthorized party. To meet such high expectations, the system must be carefully designed and implemented, and rigorously tested (for intrusion prevention). However, considering the intense pressure for short development cycles and the widespread use of commercial off-the-shelf software components, it is not surprising that software systems are notoriously imperfect. The vulnerabilities due to insufficient design and poor implementation are often exploited by adversaries to cause a variety of damages, for example, crashing of the system, leaking of confidential information, modifying or deleting of critical data, or injecting of erroneous information into a system. This observation prompted the research on intrusion tolerance techniques (Castro & Liskov, 2002; Deswarte, Blain, & Fabre, 1991; Verissimo, Neves, & Correia, 2003; Yin, Martin, Venkataramani, Alvisi, & Dahlin, 2003). Such techniques can tolerate intrusion attacks in two respects: (1) a system continues providing correct services (may be with reduced performance), and (2) no confidential information is revealed to an adversary. The former can be achieved by using the replication techniques, as long as the adversary can only compromise a small number of replicas. The latter is often built on top of secrete sharing and threshold cryptography techniques. Plain replication is often perceived to reduce the confidentiality of a system, because there are more identical copies available for penetration. However, if replication is integrated properly with secrete sharing and threshold cryptography, both availability and confidentiality can be enhanced.

Towards Real-Time-Aware Intrusion Tolerance

2018 ◽  
Author(s):  
Christoph Lambert ◽  
Marcus Volp ◽  
Jeremie Decouchant ◽  
Paulo Esteves-Verissimo
Keyword(s):  
Real Time ◽  
Intrusion Tolerance ◽  
Time Aware
Sign in / Sign up

Export Citation Format

Share Document