Skip to main content
SpringerLink
Log in

The Design of a Policy-based Attack-Resilient Intrusion Tolerant System

  • Conference paper
  • First Online:
Book cover Information Technology Convergence

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 253))

  • 1107 Accesses

Abstract

In order to identify and reduce the chance of vulnerability, a novel policy-based intrusion tolerant system (ITS) is studied in this paper. The suggested scheme quantifies the vulnerability level first, and then applies it to decide the candidate of the next rotation based on a policy. Experiments using CSIM 20 proved that it has enough capability to hide the VM rotation pattern which attackers are generally interested in and reduces the data leakage of the system greatly in spite of increasing the number of exposures.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 259.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 329.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 329.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Miguel C, Paulo V, Nuno FN (2004) The architecture of a secure group communication system based on intrusion tolerance. In: Proceedings of the 2001 international conference on distributed computing systems workshop (ICDCS 2001), Arizona, USA, April 2001

    Google Scholar 

  2. Lala JH (2003) Organically assured & survivable information systems (OASIS): foundations of intrusion tolerant systems. IEEE Computer Society Press, http://computer.org/cspres, ISBN 0-7695-2057-X2003

  3. Quyen N, Arun S (2010) Comparative analysis of intrusion-tolerant system architectures. In: IEEE security and privacy. Preprint. Accepted for publication, Aug

    Google Scholar 

  4. Quyen N (2010) Realizing S-reliability for services via recovery-driven intrusion tolerance mechanism. In: International conference on dependable systems and networks workshops (DSN-W)

    Google Scholar 

  5. http://www.programmingunlimited.net/siteexec/content.cgi?page=fv

  6. https://www.volatilesystems.com/default/volatility

  7. http://www.ahnlab.com/kr/site/securitycenter/asec/asecReportView.do

  8. http://www.first.org/cvss

  9. Schwetman H (2001) CSIM19: a powerful tool for building system models. In: Proceedings of the 2001 winter simulation conference, pp 250–255

    Google Scholar 

  10. David P, Arun KS (2010) An intrusion tolerance approach to enhance single sign on server protection. In: Proceedings of the third international conference on dependability (DEPEND 2010) Venice/Mestre, 18–25 July

    Google Scholar 

  11. Yih H, David A, Arun S (2006) Closing cluster attack windows through server redundancy and rotations. In: Proceedings of the second international workshop on cluster security (Cluster-Sec06), Singapore, May

    Google Scholar 

Download references

Acknowledgments

This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea Government (MEST) (No. 2012-0005390).

Author information

Authors and Affiliations

  1. Department of Computer Science, KAIST, 291 Daehak-ro, Yuseong-gu, Daejeon, Republic of Korea

    Jungmin Lim, Yongjoo Shin & Hyunsoo Yoon

  2. Department of Electronic Engineering, Korea Army Academy at Yeong-cheon, 495 Hoguk-ro Gogyeong-myeon, Yeongcheon-si, 770-849, South Korea

    Seokjoo Doo

Authors
  1. Jungmin Lim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yongjoo Shin
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Seokjoo Doo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Hyunsoo Yoon
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jungmin Lim .

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, Seoul University of Science & and Technology (SeoulTech), Seoul, Korea, Republic of (South Korea)

    James J. (Jong Hyuk) Park

  2. Dept. Information & Communication Engineering, Fukuoka Institute of Technology Fac. Information Engineering, Fukuoka, Japan

    Leonard Barolli

  3. Departament De Llenguatges I Sistemes Informàtics, Universitat Politècnica De Catalunya, Barcelona, Spain

    Fatos Xhafa

  4. Humanitas College, Kyung Hee University, Seoul, Korea, Republic of (South Korea)

    Hwa-Young Jeong

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer Science+Business Media Dordrecht

About this paper

Cite this paper

Lim, J., Shin, Y., Doo, S., Yoon, H. (2013). The Design of a Policy-based Attack-Resilient Intrusion Tolerant System. In: Park, J., Barolli, L., Xhafa, F., Jeong, HY. (eds) Information Technology Convergence. Lecture Notes in Electrical Engineering, vol 253. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-6996-0_45

Download citation

  • DOI: https://doi.org/10.1007/978-94-007-6996-0_45

  • Published:

  • Publisher Name: Springer, Dordrecht

  • Print ISBN: 978-94-007-6995-3

  • Online ISBN: 978-94-007-6996-0

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation