Skip to main content
Springer Nature Link
Log in

Self-protection for Distributed Component-Based Applications

  • Conference paper
Stabilization, Safety, and Security of Distributed Systems (SSS 2006)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 4280))

Included in the following conference series:

Abstract

The complexity of today’s distributed computing environments is such that the presence of bugs and security holes is statistically unavoidable. A very promising approach to this issue is to implement a self-protected system, similarly to a natural immune system which has the ability to detect the intrusion of foreign elements and react while it is still in progress.

This paper describes an approach relying on component-based software engineering to ease the protection of distributed systems. The knowledge of the application architecture is used to detect foreign activities and to trigger counter measures. We focus on a mean to recognize known and unknown attacks independently from legacy software and avoiding false positives. Hence, the scope of the detected attacks is, for the moment, limited to the detection of illegal communications. We describe how this approach can be applied to provide self-protection for clustered J2ee applications with a very low overhead.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. An architectural blueprint for autonomic computing. IBM and Autonomic Computing (April 2003), http://www-306.ibm.com/autonomic/pdfs/ACwpFinal.pdf

  2. Amza, C., Cecchet, E., Chanda, A., Cox, A.L., Elnikety, S., Gil, R., Marguerite, J., Rajamani, K., Zwaenepoel, W.: Specification and Implementation of Dynamic Web Site Benchmarks. In: 5th Annual IEEE Workshop on Workload Characterization (2002)

    Google Scholar 

  3. Bruneton, E., Coupaye, T., Stefani, J.B.: Recursive and dynamic software composition with sharing. In: Proceedings of the 7th ECOOP International Workshop on Component-Oriented Programming (WCOP 2002) (June 2002)

    Google Scholar 

  4. Cappello, F., Desprez, F., Dayde, M., Jeannot, E., Jegou, Y., Lanteri, S., Melab, N., Namyst, R., Primet, P., Richard, O., Caron, E., Leduc, J., Mornet, G.: Grid’5000: A large scale, reconfigurable, controlable and monitorable grid platform. In: Grid 2005 6th IEEE/ACM International Workshop on Grid Computing (2005)

    Google Scholar 

  5. Costa, M., Crowsoft, J., Castro, M., Rowstron, A., Zhou, L., Zhang, L., Barham, P.: Vigilante: end-to-end containment of Internet worms. In: SOSP 2005: Proceedings of the Twentieth ACM Symposium on Operating Systems Principles, pp. 133–147. ACM Press, New York (2005)

    Chapter  Google Scholar 

  6. Debar, H., Dacier, M., Wespi, A.: Towards a taxonomy of intrusion-detection systems. Computer Networks 31(9), 805–822 (1999)

    Article  Google Scholar 

  7. Ganek, A.G., Corbi, T.A.: The dawning of the autonomic computing era. IBM Systems Journal 40(1) (2003)

    Google Scholar 

  8. Goel, A., Po, K., Farhadi, K., Li, Z., de Lara, E.: The Taser intrusion recovery system. In: SOSP 2005: Proceedings of the Twentieth ACM Symposium on Operating Systems Principles, pp. 163–176. ACM Press, New York (2005)

    Chapter  Google Scholar 

  9. Huang, Y., Sood, A.: Self-cleansing systems for intrusion containment. In: Workshop on Self-Healing, Adaptive and self-MANaged Systems (SHAMAN) (2002)

    Google Scholar 

  10. Lamport, L., Shostak, R., Pease, M.: The byzantine generals problem. In: Suri, N., Walter, C.J., Hugue, M.M. (eds.) Advances in Ultra-Dependable Distributed Systems. IEEE Computer Society Press, Los Alamitos (1995)

    Google Scholar 

  11. Sun Microsystems. Java 2 platform enterprise edition (J2EE), http://java.sun.com/j2ee/

  12. Netfilter. Firewalling, NAT, and packet mangling under linux, http://www.nefilter.org

  13. Sundaram, A.: An introduction to intrusion detection. ACM Crossroads Student Magazine 2(4), 3–7 (1996)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institut National Polytechnique de Grenoble, France

    Benoit Claudel & Noël De Palma

  2. Université Joseph Fourier, Grenoble, France

    Renaud Lachaize

  3. Institut National Polytechnique de Toulouse, France

    Daniel Hagimont

Authors
  1. Benoit Claudel
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Noël De Palma
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Renaud Lachaize
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Daniel Hagimont
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Computer Science, University of Nevada Las Vegas,  

    Ajoy K. Datta

  2. LIP6, INRIA-Université Paris 6, France

    Maria Gradinariu

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Claudel, B., De Palma, N., Lachaize, R., Hagimont, D. (2006). Self-protection for Distributed Component-Based Applications. In: Datta, A.K., Gradinariu, M. (eds) Stabilization, Safety, and Security of Distributed Systems. SSS 2006. Lecture Notes in Computer Science, vol 4280. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-49823-0_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-49823-0_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-49018-0

  • Online ISBN: 978-3-540-49823-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics