Secure Proactive Recovery – a Hardware Based Mission Assurance Scheme

Slides:

Advertisements

Similar presentations

An Overview of ABFT in cloud computing

Advertisements

Distributed Systems Major Design Issues Presented by: Christopher Hector CS8320 – Advanced Operating Systems Spring 2007 – Section 2.6 Presentation Dr.

Dynamic Thread Assignment on Heterogeneous Multiprocessor Architectures Pree Thiengburanathum Advanced computer architecture Oct 24,

Making Services Fault Tolerant

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK Performance and Effectiveness Analysis of Checkpointing in Mobile Environments Chen Xinyu

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

Present by Chen, Ting-Wei Adaptive Task Checkpointing and Replication: Toward Efficient Fault-Tolerant Grids Maria Chtepen, Filip H.A. Claeys, Bart Dhoedt,

Dept. of Computer Science & Engineering, CUHK Fault Tolerance and Performance Analysis in Wireless CORBA Chen Xinyu Supervisor: Markers: Prof.

1 Making Services Fault Tolerant Pat Chan, Michael R. Lyu Department of Computer Science and Engineering The Chinese University of Hong Kong Miroslaw Malek.

March 24, 2003Upadhyaya – IWIA A Tamper-resistant Framework for Unambiguous Detection of Attacks in User Space Using Process Monitors R. Chinchani.

GRID COMPUTING: REPLICATION CONCEPTS Presented By: Payal Patel.

Exploring the Tradeoffs of Configurability and Heterogeneity in Multicore Embedded Systems + Also Affiliated with NSF Center for High- Performance Reconfigurable.

ATIF MEHMOOD MALIK KASHIF SIDDIQUE Improving dependability of Cloud Computing with Fault Tolerance and High Availability.

EAIT, February 2006 A Pragmatic Approach towards the Improvement of Performance of Ad Hoc Routing ProtocolsOptimizations To Multipath Routing Protocols.

Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.

Young Suk Moon Chair: Dr. Hans-Peter Bischof Reader: Dr. Gregor von Laszewski Observer: Dr. Minseok Kwon 1.

BFTCloud: A Byzantine Fault Tolerance Framework for Voluntary-Resource Cloud Computing Yilei Zhang, Zibin Zheng, and Michael R. Lyu

WP4 deliverable Critical Infrastructure Protection: Attack Prevention Solutions and Attacks.

Survival by Defense- Enabling Partha Pal, Franklin Webber, Richard Schantz BBN Technologies LLC Proceedings of the Foundations of Intrusion Tolerant Systems(2003)

Building Dependable Distributed Systems Chapter 1 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

Secure Systems Research Group - FAU 1 Active Replication Pattern Ingrid Buckley Dept. of Computer Science and Engineering Florida Atlantic University Boca.

Investigating Survivability Strategies for Ultra-Large Scale (ULS) Systems Vanderbilt University Nashville, Tennessee Institute for Software Integrated.

Transparent Fault-Tolerant Java Virtual Machine Roy Friedman & Alon Kama Computer Science — Technion.

Bio-Networking: Biology Inspired Approach for Development of Adaptive Network Applications 21 May 2005Ognen Paunovski Bio-Networking: Biology Inspired.

PROP: A Scalable and Reliable P2P Assisted Proxy Streaming System Computer Science Department College of William and Mary Lei Guo, Songqing Chen, and Xiaodong.

Security in Mobile Ad Hoc Networks: Challenges and Solutions (IEEE Wireless Communications 2004) Hao Yang, et al. October 10 th, 2006 Jinkyu Lee.

A Deception Framework for Survivability Against Next Generation Cyber Attacks Ruchika Mehresh and Shambhu Upadhyaya Department of Computer Science and.

University of Michigan Electrical Engineering and Computer Science University of Michigan Electrical Engineering and Computer Science Adaptive Online Testing.

Performance of Adaptive Beam Nulling in Multihop Ad Hoc Networks Under Jamming Suman Bhunia, Vahid Behzadan, Paulo Alexandre Regis, Shamik Sengupta.

Mixed Criticality Systems: Beyond Transient Faults Abhilash Thekkilakattil, Alan Burns, Radu Dobrin and Sasikumar Punnekkat.

Natural Faults Mariesa Crow & Bruce McMillin

University of Westminster – Checkpointing Mechanism for the Grid Environment K Sajadah, G Terstyanszky, S Winter, P. Kacsuk University.

Fault Tolerant Grid Workflow in Water Threat Management Master’s project / thesis seminar Young Suk Moon Chair: Prof. Gregor von Laszewski Reader: Observer:

HPC HPC-5 Systems Integration High Performance Computing 1 Application Resilience: Making Progress in Spite of Failure Nathan A. DeBardeleben and John.

1 CMP-MSI.07 CARES/SNU A Reusability-Aware Cache Memory Sharing Technique for High Performance CMPs with Private Caches Sungjune Youn, Hyunhee Kim and.

Euro-Par, HASTE: An Adaptive Middleware for Supporting Time-Critical Event Handling in Distributed Environments ICAC 2008 Conference June 2 nd,

Risk-Aware Mitigation for MANET Routing Attacks Submitted by Sk. Khajavali.

SECURITY IN MOBILE NETWORKS Bharat Bhargava CERIAS and Computer Sciences Departments Purdue University, W. Lafayette, IN Supported.

Criticality Aware Smart Spaces T. Mukherjee Impact Lab ( Department of Computer Science & Engineering Ira A. Fulton School of Engineering.

The Google File System Sanjay Ghemawat, Howard Gobioff, and Shun-Tak Leung Presenter: Chao-Han Tsai (Some slides adapted from the Google’s series lectures)

Cyber Security in Smart Grids BY ADITYA KANDULA DEVASIA THOMAS.

Pouya Ostovari and Jie Wu Computer & Information Sciences

AUTONOMIC COMPUTING B.Akhila Priya 06211A0504. Present-day IT environments are complex, heterogeneous in terms of software and hardware from multiple.

Memory Protection through Dynamic Access Control Kun Zhang, Tao Zhang and Santosh Pande College of Computing Georgia Institute of Technology.

On Survivability of Mobile Cyber Physical Systems with Intrusion Detection Authors: Robert Mitchell, Ing-Ray Chen Presented by: Ting Hua.

Secure Proactive Recovery – a Hardware Based Mission Assurance Scheme 1 6 th International Conference on Information Warfare and Security, 2011.

Performance Assurance for Large Scale Big Data Systems

In quest of the operational database for real-time environmental monitoring and early warning systems Bartosz Baliś, Marian Bubak, Daniel Harezlak, Piotr.

Architecture and Algorithms for an IEEE 802

MadeCR: Correlation-based Malware Detection for Cognitive Radio

Prabhat Kumar Saraswat Paul Pop Jan Madsen

Intrusion Tolerant Systems Workshop: Anomaly Detection Group

Sindhusha Doddapaneni

Supporting Fault-Tolerance in Streaming Grid Applications

En Wang 1,2 , Yongjian Yang 1 , and Jie Wu 2

Towards Next Generation Panel at SAINT 2002

An Urgent National Imperative

Fault Tolerance Distributed Web-based Systems

Soft Error Detection for Iterative Applications Using Offline Training

Jigar.B.Katariya (08291A0531) E.Mahesh (08291A0542)

Ruchika Mehresh and Shambhu Upadhyaya

2/23/2019 A Practical Approach for Handling Soft Errors in Iterative Applications Jiaqi Liu and Gagan Agrawal Department of Computer Science and Engineering.

Ruchika Mehresh and Shambhu Upadhyaya

Resource Allocation for Distributed Streaming Applications

Reliable Web Services: Methodology, Experiment and Modeling International Conference on Web Services (ICWS 2007) Pat. P. W. Chan, Michael R. Lyu Department.

Communication Driven Remapping of Processing Element (PE) in Fault-tolerant NoC-based MPSoCs Chia-Ling Chen, Yen-Hao Chen and TingTing Hwang Department.

Anand Bhat*, Soheil Samii†, Raj Rajkumar* *Carnegie Mellon University

Luca Simoncini PDCC, Pisa and University of Pisa, Pisa, Italy

Presentation transcript:

Secure Proactive Recovery – a Hardware Based Mission Assurance Scheme Ruchika Mehresh1 Shambhu J. Upadhyaya1 Kevin Kwiat2 rmehresh@buffalo.edu shambhu@buffalo.edu kwiatk@rl.af.mil 1Department of Computer Science and Engineering, State University of New York at Buffalo, NY, USA 2Air Force Research Laboratory, Rome, NY, USA Research Supported in Part by ITT Grant No. 200821J and NSF Grant No. DUE-0802062 6th International Conference on Information Warfare and Security, 2011

Outline Structure Motivation Threat model System design Performance analysis Conclusion

Motivation Mission assurance Goals Feasibility study Survivability Security Fault tolerance Low cost (Time overhead) Adaptation and evolution Feasibility study Long running applications Prevention  Detection  Recovery Hardware-based Smart defender

Outline Structure Motivation Threat model System design Performance analysis Conclusion

Byzantine fault tolerance Threat Model Time diversity Spatial diversity Reactive recovery Proactive recovery Byzantine fault tolerance

The Quiet Invader Smart attacker Quiet invader Make decisions to maximize the potential of achieving their objectives based on dynamic information Quiet invader Camouflages to buy more time Plan to attack mission during critical stage (Why?) Example: Long running countdown for a space shuttle launch that runs for several hours

Outline Structure Motivation Threat model System design Performance analysis Conclusion

Replica 3 Coordinator Replica 1 H C Replica 2 H C Replica 3 H C Workload Workload Workload Workload Workload Replica 1 H C Replica 2 H C Replica 3 H C Replica n H C R R R R Periodic checkpoint Hardware Signature Periodic checkpoint Hardware Signature Hardware Signature Periodic checkpoint Hardware Signature Hardware Signature Periodic checkpoint Periodic checkpoint

Hardware Signature Generation IDS System reg

Outline Structure Motivation Threat model System design Performance analysis Conclusion

Performance Analysis Cases Workload Case 1: Systems with no checkpointing Case 2: Systems with checkpointing, no failures/attacks Case 3: Systems with checkpointing, failures/attacks Workload Java SciMark 2.0 benchmark workloads: FFT, SOR, Sparse, LU Multi-step simulation based evaluation approach [Reference: Mehresh, R., Upadhyaya, S. and Kwiat, K. (2010) “A Multi-Step Simulation Approach Toward Fault Tolerant system Evaluation”, Third International Workshop on Dependable Network Computing and Mobile Systems, October]

Results

Results FFT LU SOR Sparse Case 1 3421.09 222.69 13.6562 23.9479 Case 2 Table 1: Execution Times (in hours) for the Scimark workloads across three cases Results FFT LU SOR Sparse Case 1 3421.09 222.69 13.6562 23.9479 Case 2 3477.46 226.36 13.8811 24.3426 Case 3 (M=10) 3824.63 249.08 15.2026 26.7313 Case 3 (M=25) 3593.39 233.83 Table : Execution times (in hours) for the Scimark workloads for the three cases

Results

Results

Results M=5 M=10 M=15 M=25 Optimal Checkpoint Interval (hours) 0.3 0.5 0.65 0.95 Execution Times(hours) 248.97 241.57 238.16 235.06 Table : Approximate optimal checkpoint interval values and their corresponding workload execution times for LU (Case 3) at different values of M

Outline Structure Motivation Threat model System design Performance analysis Conclusion

Conclusion Low cost solution to secure proactive recovery Mission survivability Utilized redundant hardware Small overhead in absence of failures Effective preventive measure Future work To evaluate this scheme for a distributed system

Thank You !!