Proactive Fortification of Fault-Tolerant Services

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 5923))

Abstract

We present an approach for incorporating intrusion resilience into replicated services, irrespective of the replication scheme used and of the fault types tolerated. The approach, termed FORTRESS, involves fortifying a fault-tolerant service using proxies that block clients from accessing the servers directly, and periodically refreshing proxies and servers with diverse executables generated using code randomization. These two features make it hard for an attacker to compromise a server when no proxy has been compromised. An analytical evaluation establishes that if attackers cannot intrude into servers without first having compromised a proxy, fortifying even a passively replicated service can offer greater resilience than building that service as a deterministic state machine and actively replicating it over diverse platforms. Finally, the FORTRESS architecture is presented, in which proactive code randomization is achieved by proactive replacement of server and proxy nodes. Examining the state transfer protocol executed during node replacement shows that the processing overhead per replacement is no more than the overhead of changing the leader or the primary replica in replication management.
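The abstract's core argument is that forcing an attacker through a proxy before reaching a server, and refreshing both on a fixed period, shrinks the window in which an attack can succeed. The following is an added illustration, not the paper's own analytical model: it assumes that the time to compromise a proxy and the time to compromise a server are independent exponential random variables (rates lam_p and lam_s are assumed parameters), that a refresh resets whatever progress the attacker has made on both, and that the attacker must therefore finish both steps inside one refresh period. Under those assumptions it compares the per-period success probability of a direct attack on a server against the fortified case, and cross-checks the closed form by simulation.

```python
import math
import random


def p_compromise_direct(lam_s: float, period: float) -> float:
    """Unfortified service: attacker works on the server directly.
    Probability that an Exp(lam_s) compromise time falls within one refresh period."""
    return 1.0 - math.exp(-lam_s * period)


def p_compromise_fortified(lam_p: float, lam_s: float, period: float) -> float:
    """Fortified service (assumed model): proxy must fall first, Exp(lam_p),
    then the server, Exp(lam_s), both before the next refresh resets them.
    This is P(X_p + X_s <= period), the hypoexponential CDF."""
    if period <= 0:
        return 0.0
    if abs(lam_p - lam_s) < 1e-9:
        # Equal rates: Erlang-2 with rate lam, CDF = 1 - e^{-lt}(1 + lt)
        lt = lam_p * period
        return 1.0 - math.exp(-lt) * (1.0 + lt)
    a, b = lam_p, lam_s
    return 1.0 - (b * math.exp(-a * period) - a * math.exp(-b * period)) / (b - a)


def expected_periods_to_compromise(q: float) -> float:
    """Each period is an independent trial with success probability q,
    so the expected number of periods until the first success is 1/q."""
    return math.inf if q <= 0.0 else 1.0 / q


def simulate_fortified(lam_p: float, lam_s: float, period: float,
                       trials: int = 20000, seed: int = 1) -> float:
    """Monte Carlo cross-check of p_compromise_fortified (constructed, seeded)."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        t_proxy = rng.expovariate(lam_p)
        if t_proxy > period:
            continue                       # refresh arrived before the proxy fell
        t_server = rng.expovariate(lam_s)
        if t_proxy + t_server <= period:   # server fell before the refresh too
            hits += 1
    return hits / trials


def compare(lam_p: float, lam_s: float, period: float) -> dict:
    """Summarise direct vs fortified attack success for one parameter set."""
    q_direct = p_compromise_direct(lam_s, period)
    q_fort = p_compromise_fortified(lam_p, lam_s, period)
    return {
        "direct": q_direct,
        "fortified": q_fort,
        "periods_direct": expected_periods_to_compromise(q_direct),
        "periods_fortified": expected_periods_to_compromise(q_fort),
    }


if __name__ == "__main__":
    # Assumed rates: both proxy and server take 2 time units on average to break.
    for period in (0.5, 1.0, 2.0):
        r = compare(0.5, 0.5, period)
        print(f"period={period:4.1f}  direct={r['direct']:.3f}  "
              f"fortified={r['fortified']:.3f}  "
              f"expected periods: {r['periods_direct']:.1f} vs {r['periods_fortified']:.1f}")
    print("simulated fortified, period=1:", round(simulate_fortified(0.5, 0.5, 1.0), 3))
```

Shortening the refresh period reduces both probabilities, but the fortified figure falls faster because two compromise times must both fit inside the window. The model says nothing about what a refresh costs, which is the part of the paper's argument (state transfer on node replacement) that this example does not cover.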

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ezhilchelvan, P., Clarke, D., Mitrani, I., Shrivastava, S. (2009). Proactive Fortification of Fault-Tolerant Services. In: Abdelzaher, T., Raynal, M., Santoro, N. (eds) Principles of Distributed Systems. OPODIS 2009. Lecture Notes in Computer Science, vol 5923. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10877-8_26

  • DOI: https://doi.org/10.1007/978-3-642-10877-8_26

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-10876-1

  • Online ISBN: 978-3-642-10877-8
