Intrusion Tolerance Via Network Layer Controls
نویسندگان
چکیده
Existing information systems’ security measures are limited because even if a component failure due to an intrusion is detected, there are few mechanisms for effectively isolating the corrupt component. Attacks tend to spread unchecked, hopping from one host to another. The typical response, to turn off the corrupted service, results in denial of service that is often as damaging as the attack itself. This paper describes the approach taken on the Intrusion Tolerant Server Infrastructure (ITSI) program to develop concepts and underlying technology that can identify and isolate intrusions, prevent them from freely spreading, and continue to provide service to benign users while recovering from the intrusion. The distinguishing feature of the ITSI approach is the use of “smart NICs” to help identify intrusions, and, once an intrusion has been detected, to contain it and ensure that service is uninterrupted by providing a failover
منابع مشابه
Intrusion Tolerant Web Servers via Network Layer Controls
Existing information systems’ security measures are limited because even if a component failure due to an intrusion is detected, there are few mechanisms for effectively isolating the corrupt component. Attacks tend to spread unchecked, hopping from one host to another. The typical response, to turn off the corrupted service, results in denial of service that is often as damaging as the attack ...
متن کاملSelf Cleansing and Intrusion Tolerance Another layer of server protection
Towards an EU Policy Initiative 7 on Critical CIIP
متن کاملThe Application Research on Network Forensics
With the development of network technology, computer crime, network forensics as a kind of active network security defense, has gained widely research and application. This article detailed introduces the concept of network Forensics, Forensics process, Forensics model and some common techniques and methods, the analysis of the Realtime Intrusion Forensics and other four kinds of typical networ...
متن کاملIntrusion Tolerance and Worm Spread
We show how the Dependable Intrusion Tolerance (DIT) server architecture prevents the effects and propagation of some common Internet viruses and worms. This results from complementary detection and prevention mechanisms that provide defensive depth, and the application of the principle of least privilege at the network level, including the use of signature-based IDS to enforce higher-level spe...
متن کاملIntrusion Detection in VANETs
Vehicular ad hoc networks (VANETs) have great potential to improve road safety and increase passenger convenience in vehicles. On the other hand, since they use an open medium for communication, they are exposed to several threats that influence the reliability of these features. This work presents a modular cross layer intrusion detection approach as a method to increase security in VANETs. Th...
متن کامل