Intrusion Tolerance of Stealth DoS Attacks to Web Services
نویسندگان
چکیده
This paper focuses on one of the most harmful categories of Denial of Service attacks, commonly known in the literature as “stealth” attacks. They are performed avoiding to send significant volumes of data, by injecting into the network a low-rate flow of packets in order to evade rate-controlling detection mechanisms. This work presents an intrusion tolerance solution, which aims at providing minimal level of services, even when the system has been partially compromised by such attacks. It describes all protection phases, from monitoring to diagnosis and recovery. Preliminary experimental results show that the proposed approach results in a better performance of Intrusion Prevention Systems, in terms of reducing service unavailability during stealth attacks.
منابع مشابه
An architecture for adaptive intrusion-tolerant applications
Applications that are part of a mission-critical information system need to maintain a usable level of key services through ongoing cyberattacks. In addition to the well-publicized denial of service (DoS) attacks, these networked and distributed applications are increasingly threatened by sophisticated attacks that attempt to corrupt system components and violate service integrity. While variou...
متن کاملAn approach to intrusion tolerance for mission-critical services using adaptability and diverse replication
In many mission-critical applications, important services should be maintained properly under any circumstances including the presence of compromised components incurred by outside intentional attacks. In the paper, a two-level approach for the intrusion tolerance is presented. At the node level, by means of dynamic resource reallocation within a computing node, the critical services previously...
متن کاملA Survey of Anomaly Detection Approaches in Internet of Things
Internet of Things is an ever-growing network of heterogeneous and constraint nodes which are connected to each other and the Internet. Security plays an important role in such networks. Experience has proved that encryption and authentication are not enough for the security of networks and an Intrusion Detection System is required to detect and to prevent attacks from malicious nodes. In this ...
متن کاملIntrusion Tolerance: Enhancement of Safety in Cloud Computing
Cloud computing is a recent computing model; provides consistent access to wide area distributed resources facing many problems as its usage increases. Enormous loss to both cloud clients as well as cloud service providers happen even with small intrusions. The protection and defense of cloud infrastructure against malicious attacks can be solved by designing ‘intrusion tolerance’. We prove the...
متن کاملStealth-MITM DoS Attacks on Secure Channels
We de ne stealth Man-in-the-Middle adversaries, and analyse their ability to launch denial and degradation of service (DoS) attacks on secure channels. We show realistic attacks, disrupting TCP communication over secure VPNs using IPsec. We present: 1. First amplifying DoS attack on IPsec, when deployed without anti-replay window. 2. First amplifying attack on IPsec, when deployed with a `small...
متن کامل