CCS

Denial of service attacks on peer-to-peer (p2p) systems can arise from sources otherwise considered non-malicious. We focus on one such commonly prevalent source, called "churn". Churn arises from continued and rapid arrival and failure (or departure) ...

We present SABER (Survivability Architecture: Block, Evade, React), a proposed survivability architecture that blocks, evades and reacts to a variety of attacks by using several security and survivability mechanisms in an automated and coordinated ...

Security is an important QoS attribute for characterizing intrusion tolerant computing systems. Frequently however, the security of computing systems is assessed in a qualitative manner based on the presence and absence of certain functional ...

In this paper we describe SelectCast, a self-repairing multicast overlay routing facility for supporting publish/subscribe applications. Select Cast is a peer-to-peer protocol, and lever-ages Astrolabe, a secure distributed information management ...

Proxy-network based overlays have been proposed to protect Internet Applications against Denial-of-Service attacks by hiding an application's location. We study how a proxy network's topology influences the effectiveness of location-hiding. We present ...

Certification Authorities (CA) are a critical component of a PKI. All the certificates issued by a CA will become invalid when the (signing) private key of the CA is compromised. Hence it is a very important issue to protect the private key of an online ...

Many distributed services are susceptible to attacks by malicious clients that can significantly degrade their performance. Scalable distributed services make use of a variety of techniques which are vulnerable to such attacks. We explore the ...

Biological systems exhibit remarkable adaptation and robustness in the face of widely changing environments. By adopting properties of biological systems, we hope to design systems that operate adequately even in the presence of catastrophic failures ...

We propose a new method for distributing a common key to a dynamic group over an unreliable channel. In [15], an unconditionally secure "self-healing" protocol that solves this problem and has significant advantages over previous work in this area is ...

We present an access-control policy specification and verification process that is well-suited to model survivability of information resources under threat of compromise. Our process differs from the traditional policy engineering methodology in many ...

There is good reason to base intrusion detection on data from the host. Unfortunately, most operating systems do not provide all the data needed in readily available logs. Ironically, perhaps, Window NT and its successor, Windows 2000, provide much of ...

High confidence in a system's survivability requires an accurate understanding of the system's threat environment and the impact of that environment on system operations. This paper describes a framework for intrusion-aware design called trustworthy ...

This paper describes a generic architecture for intrusion tolerant Internet servers. It aims to build systems that are able to survive attacks in the context of an open network such as the Internet. To do so, the design is based on fault tolerance ...

Self-regenerative capabilities are a new trend in survivable system design. Self-regeneration ensures the property that a system's vulnerabilities cannot be exploited to the extent that the mission objective is compromised, but instead that the ...