Abstract
Computer systems are constantly under the threats of being attacked and in many cases these attacks succeed. Today’s networked systems are thus built to be intrusion tolerant. In a large scale, the progresses of compromising the networked system and recovering the damage will carry on in parallel, allowing services to be continued (at a degraded level). One of the key problems in the restoration procedure regards to the resource allocation strategies and the cost associated with, specifically, a minimal cost is desired. In this paper we model the cost as a sum of service loss and resource expense that incur during the restoration procedure. We investigate the achievable minimal total cost and corresponding resource allocation strategy for different situations. The situations include both constant rates and time-variant rates in terms of the speed of compromising and recovering. We also consider the fact that the restoration rate is constrained by the resource allocated. The relationship can be either linear or obeying the law of diminishing marginal utility. We present both analytical and numerical results in the paper. The results show the impact from various system parameters on the critical conditions for a successful system restoration and on the minimal cost.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Antonatos S, Akritidis P, Markatos EP, Anagnostakis KG (2005) Defending against hitlist worms using network address space randomization. In WORM ’05: Proceedings of the 2005 ACM workshop on Rapid malcode, New York, NY, USA, ACM Press, 30–40
Baumol WJ, Blinder AS (2004) Economics: Principles and Policy. South-Western College Pub
Berghel H (2001) The code red worm. Commun. ACM 44(12):15–19
Brauer F, Castiloo-Chavez C (2001) Mathematical Models in Population Biology and Epidemiology. Springer-Verlag, New York
Brown A (2003) A recovery-oriented approach to dependable services: Repairing past errors with system-wide undo. Technical Report UCB//CSD-04-1304, UC Berkeley Computer Science, December
Brown A, Chung L, Kakes W, Ling C, and Patterson D (2004) Experience with evaluating human-assisted recovery processes. In Proceedings of the 2004 International Conference on Dependable Systems and Networks
Castaneda F, Sezer EC, Xu J (2004) Worm vs. worm: preliminary study of an active counter-attack mechanism. In WORM ’04: Proceedings of the 2004 ACM workshop on Rapid malcode, New York, NY, USA, ACM Press, 83–93
Chen M, Kiciman E, Fratkin E, Brewer E, Fox A (2002) Pinpoint: Problem determination in large, dynamic, internet services. In Proceedings of the International Conference on Dependable Systems and Networks (IPDS Track)
Chen Z, Gao L, Kwiat K (2003) Modeling the spread of active worms. In Proceedings of INFOCOM 2003, IEEE, 1890–1900.
Chen Z, Ji C (2005) A self-learning worm using importance scanning. In WORM ’05: Proceedings of the 2005 ACM workshop on Rapid malcode, New York, NY, USA, ACM Press, 22–29
Dubendorfer T, Wagner A, Plattner B (2004) An economic damage model for large-scale internet attacks. In Proceedings of the 13th IEEE International Workshops on Enabling Technologies: Infrastructures for Collaborative Enterprises (WET ICE 2004)
Dwork C, Naor M (1993) Pricing via processing or combatting junk mail. In CRYPTO ’92: Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology, London, UK, Springer-Verlag, 139–147
Goel A, Po K, Farhadi K, Li Z, de Lara E (2005) The taser intrusion recovery system. In SOSP ’05: Proceedings of the twentieth ACM symposium on Operating systems principles, New York, NY, USA, ACM, Press, 163–176.
Gordon LA, Loeb MP (2002) The economics of information security investment. ACM Transactions on Information and System Security, 5(4):438–457
Gray J (1986) Why do computers stop and what can be done about it? In Proceedings of the 5th Symposium on Reliablity in Distributed Software and Database Systems
Kuhn HW, Tucker AW (1951) Nonlinear programming. In Proceedings of the Second Berkeley Symposium on Mathematical Statistics and Probability, University of California, Press, 481–492
Lala JH (2003) Introduction. In Proceedings of the Foundations of Intrusion Tolerant Systems (OASIS’03), IEEE, x–xix.
Liljenstam M, Nicol DM, Berk VH, Gray RS (2003) Simulating realistic network worm traffic for worm warning system design and testing. In WORM ’03: Proceedings of the 2003 ACM workshop on Rapid malcode, New York, NY, USA, ACM Press, 24–33.
Ma J, Voelker GM, Savage S (2005) Self-stopping worms. In WORM ’05: Proceedings of the 2005 ACM workshop on Rapid malcode, New York, NY, USA ACM Press, 12–21.
MapleSoft. (2004) Maple. In http://www.maplesoft.com
Meadows C (2001) A cost-based framework for analysis of denial of service in networks. Journal of Computer Security, 9(1–2):143–164
Moore D, Shannon C, Brown J (2002) Code-red: a case study on the spread and victims of an internet worm. In Proceedings of the ACM SIGCOMM/USENIX Internet Measurement Workshop, ACM, 273–284.
Oppenheimer D, Ganapathi A, Patterson D (2003) Why do internet services fail, and what can be done about it? In Proceedings of the 4th USENIX Symposium on Internet Technologies and Systems (USITS ’03)
Patterson D (2002) A simple way to estimate the cost of downtime. In Proceedings of LISA ’02: Sixteenth Systems Administration Conference, 185–188
Patterson D, Brown A, Broadwell P, Candea G, Chen M, Cutler J, Enriquez P, Fox A, Kiciman E, Merzbacher M, Oppenheimer D, Sastry N, Tetzlaff W, Traupman J, Treuhaft N (2002) Recovery-oriented computing (roc): Motivation, definition, techniques, and case studies. Technical Report UCB//CSD-02-1175, UC Berkeley Computer Science
Ray S, Zheng Q, Hong X, Kwiat K (2006) Integrity function—a framework for server replication and placement in adversarial environment. In submitted to IEEE Transactions on Parallel and Distributed Systems
Rohloff K, Basar T (2005) The detection of rcs worm epidemics. In WORM ’05: Proceedings of the 2005 ACM workshop on Rapid malcode, New York, NY, USA, ACM Press, 81–86
Verissimo PE, Neves NF, Correia MP (2003) Intrusion tolerant architectures: Concepts and design. Architecting Dependable System, Lecture Notes in Computer Science, 2677(44):3–36
Wagner A, Dubendorfer T, Plattner B, Hiestand R (2003) Experiences with worm propagation simulations. In WORM ’03: Proceedings of the 2003 ACM workshop on Rapid malcode, New York, NY, USA, ACM Press, 34–41
Zou C, Gong W, Towsley D (2002) Code red worm propagation modeling and analysis. In Proceedings of the 9th ACM conference on Computer and communications security, ACM, 138–147
Zou CC, Gong W, Towsley D, Gao L (2005) The monitoring and early detection of internet worms. IEEE/ACM Trans. Netw. 13(5):961–974
Author information
Authors and Affiliations
Corresponding author
Additional information
Dr. Ray is currently with Google Inc., 604 Arizona Avenue, Santa Monica, CA 90401, USA. His e-mail contact is sibu@google.com, siburay@gmail.com
Rights and permissions
About this article
Cite this article
Zheng, Q., Ray, S. & Hong, X. Resource allocation for restoration of compromised systems. J Comb Optim 12, 35–56 (2006). https://doi.org/10.1007/s10878-006-8903-1
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10878-006-8903-1