Abstract
To construct the ITS(Intrusion Tolerance System), we should concern not only the FTS(Fault Tolerant System) requirements but also intrusion and vulnerability factors. But, in the ITS, we can not take into account the intrusion and vulnerability as they are, because the characteristics and pattern of them is unknown. So, we suggest vulnerability analysis method that enable ITS to know the pattern of vulnerability exploitation more specifically. We make use of the atomic vulnerability concept to analyze the vulnerability in DNS system, and show how to make use of the analysis result as monitoring factors in our DNS ITS system. Also, this analysis result is used in modeling and simulation to see the dynamics of computer network for vulnerability and external malicious attack. This paper shows simulation execution examples making use of the vulnerability analysis result.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Mead, N.R., et al.: Survivable Network Analysis Method, CMU/SEI-2000-TR-013 (September 2000)
Ellison, R.J., Fisher, D.A., Linger, R.C., Lipson, H.F., Longstaff, T.A., Mead, N.R.: Survivability: Protecting Your Critical Systems. IEEE Internet Computing 3, 55–63 (1999)
Cohen, F.: Simulating Cyber Attacks, Defenses, and Consequences. Computer & Security 18, 479–518 (1999)
Bishop, M.: Vulnerabilities Analysis. In: Proceedings of the Recent Advances in Intrusion Detection, pp. 125–136 (September 1999)
Ye, N., Giordano, J.: CACA - A Process Control Approach to Cyber Attack Detection. Communications of the ACM 44(8), 76–82 (2001)
Kim, H., Ko, K., Shin, D., Kim, H.: Vulnerability assessment simulation for information infrastructure protection. In: Davida, G.I., Frankel, Y., Rees, O. (eds.) InfraSec 2002, vol. 2437, p. 145. Springer, Heidelberg (2002)
Kim, H.: System specification based network modeling for survivability testing simulation. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002, vol. 2587, pp. 90–106. Springer, Heidelberg (2003)
Cho, T., Kim, H.: DEVS Simulation of Distributed Intrusion Detection System. Transactions of the Society for Computer Simulation International 18(3), 133–146 (2001)
Zeigler, B.P., Praehofer, H., Kim, T.: Theory of Modeling and Simulation, 2nd edn. Academic Press, London (2000)
Zeigler, B.P.: Object-Oriented Simulation with Hierarchical, Modular Models. Academic Press, San Diego (1990)
Adelsbach, A., et al.: Conceptual Model and Architecture of MAFTIA . Project MAFTIA IST-1999-11583 deliverable D21 (2002)
Cukier, M., Lyons, J., et al.: Intrusion Tolerance Approaches in ITUA. In: FastAbstract in Supplement of the 2001 International Conference on Dependable Systems and Networks, Göteborg, Sweden, July 1-4, pp. B-64–B-65(2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, HJ. (2005). Vulnerability Modeling and Simulation for DNS Intrusion Tolerance System Construction. In: Kim, T.G. (eds) Artificial Intelligence and Simulation. AIS 2004. Lecture Notes in Computer Science(), vol 3397. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30583-5_9
Download citation
DOI: https://doi.org/10.1007/978-3-540-30583-5_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24476-9
Online ISBN: 978-3-540-30583-5
eBook Packages: Computer ScienceComputer Science (R0)