Intrusion Tolerant Web Servers via Network Layer Controls
نویسنده
چکیده
Existing information systems’ security measures are limited because even if a component failure due to an intrusion is detected, there are few mechanisms for effectively isolating the corrupt component. Attacks tend to spread unchecked, hopping from one host to another. The typical response, to turn off the corrupted service, results in denial of service that is often as damaging as the attack itself. This demonstration shows the approach taken on the Intrusion Tolerant Server Infrastructure (ITSI) program to identify and isolate intrusions, prevent them from freely spreading, and continue to provide service to benign users while recovering from the intrusion.
منابع مشابه
Building Intrusion-Tolerant Applications
The ITTC project (Intrusion Tolerance via Threshold Cryptography) provides tools and an infrastructure for building intrusion tolerant applications. Rather than prevent intrusions or detect them after the fact, the ITTC system ensures that the compromise of a few system components does not compromise sensitive security information. To do so we protect cryptographic keys by distributing them acr...
متن کاملAn Architecture for an Adaptive Intrusion-Tolerant Server
We describe a general architecture for intrusion-tolerant enterprise systems and the implementation of an intrusion-tolerant Web server as a specific instance. The architecture comprises functionally redundant COTS servers running on diverse operating systems and platforms, hardened intrusion-tolerance proxies that mediate client requests and verify the behavior of servers and other proxies, an...
متن کاملA Proposal of Protocol and Policy-Based Intrusion Detection System
Currently, intrusion detection systems (IDSs) are widely deployed in enterprise networks for detecting network attacks. Most existing commercial IDSs are based on misuse detection model. In misuse detection, although known attacks can be detected, unknown ones cannot be detected because attack signatures for unknown attacks cannot be generated. In this paper, we propose a method for detecting n...
متن کاملA Stateful Intrusion Detection System for World-Wide Web Servers
Web servers are ubiquitous, remotely accessible, and often misconfigured. In addition, custom web-based applications may introduce vulnerabilities that are overlooked even by the most security-conscious server administrators. Consequently, web servers are a popular target for hackers. To mitigate the security exposure associated with web servers, intrusion detection systems are deployed to anal...
متن کاملSITAR: A Scalable Intrusion-Tolerant Architecture for Distributed Services-A Technology Summary
This paper presents a intrusion tolerant architecture for distributed services, especially COTS servers. It is motivated by two observations: First, no security precautions can guarantee that a system will not be penetrated; Second, mission critical applications need to provide minimal level of services even under active attacks or partially compromised. The emphasis of proposed architecture is...
متن کامل