Proactive Containment of Malice in Survivable Distributed Systems
نویسندگان
چکیده
The uncontrolled propagation of faults due to malicious intrusion can severely decrease system performance and survivability. Our goal is to employ available information about known or suspected faults in order to provide collusionavoidance and epidemic-avoidance. We proactively make use of knowledge of faults to notify potentially damaged areas of the system, in order to contain the tainted parts. Our objective is to lessen the impact of an intrusion, by spreading the performance cost of recovery over a controlled period of time.
منابع مشابه
Enhancing Survivability with Proactive Fault-Containment
Realistic survivable systems must assume that faults will occur within the system. When a malicious fault is activated, it may work to cause damage and to spread; until the system has recovered from this damage, it will have a lower degree of survivability than it did before the fault occurred. By proactively containing faults that would otherwise spread throughout the system, we can reduce the...
متن کاملThe Price of Malice: A Game-Theoretic Framework for Malicious Behavior in Distributed Systems
In recent years, game theory has provided insights into the behavior of distributed systems by modeling the players as utility-maximizing agents. In particular, it has been shown that selfishness causes many systems to perform in a globally suboptimal fashion. Such systems are said to have a large price of anarchy. In this article, we extend this field of research by allowing some players to be...
متن کاملMetrics for the Evaluation of Proactive and Reactive Survivability∗
Current Byzantine-fault-tolerant survivable systems [5, 6] rely on strong theoretical properties to guarantee survivability. Evaluations of such systems generally focus on the performance overhead of the mechanisms in the fault-free case: a metric that, in itself, is not a good evaluator of survivability. This dearth of metrics makes the objective comparison of the survivability of different im...
متن کاملBuilding Survivable Systems: An Integrated Approach based on Intrusion Detection and Damage Containment
Reliance on networked information systems to support critical infrastructures prompts interest in making network information systems survivable, so that they continue functioning even when under attack. To build survivable systems, attacks must be detected and reacted to before they impact performance or functionality. Previous survivable systems research focussed primarily on detecting intrusi...
متن کاملPeer Production of Survivable Critical Infrastructures
The paper describes an approach to provisioning survivable critical communications and computation infrastructures by deploying radically distributed, peer-based systems for communication, computation, and data storage and retrieval. The paper focuses on system survivability as an approach to robustness, rather than on artifact-oriented hardness or impregnability. Based on a survey of experienc...
متن کامل