An Adaptive Intrusion-Tolerant Architecture Alfonso Valdes, Tomas Uribe, Magnus Almgren, Steven Cheung, Yves Deswarte, Bruno Dutertre, Josh Levy, Hassen.

Presentation transcript:

An Adaptive Intrusion-Tolerant Architecture
Alfonso Valdes, Tomas Uribe, Magnus Almgren, Steven Cheung, Yves Deswarte, Bruno Dutertre, Josh Levy, Hassen Saïdi
Acknowledgements: Research sponsored under DARPA Contract N C. Views presented are those of the authors and do not represent the views of DARPA or the Space and Naval Warfare Systems Center.

Outline
  - Assumptions
  - Background
  - System Components
  - The Single Proxy
  - Mechanisms
  - Validation and Future Work

Dependable Intrusion Tolerance
[Diagram labels: Hacked, Contain, Adapt, Recover. Panels: New Ideas, Impact, Schedule]
New Ideas
  - Detect cyber system deviation resulting from attacks,
  - Contain the attacked resource,
  - Adapt system resources, and
  - Recover lost functionality over time
Impact
  - Assures integrity and availability of mission critical content provision services such as plan distribution
  - Critical service providers function even when under attack
  - Distributed content is accurate, despite hacker’s malicious changes
  - Automatic recovery lets operators focus on primary mission

Assumptions
  - Attacker does not have physical access
  - Flood/overrun attacks are not addressed
  - Not all replicates are vulnerable to the same attack
  - No attack can simultaneously compromise more than a critical fraction of the COTS Servers
  - Correct servers all give the same answer to a given request
  - Focus is on integrity and availability, but system is compatible with mechanisms for confidentiality

Background
  - Intrusion Tolerant Server
      - Redundancy & Diversity
      - Hardened Proxy
          - StackGuard
          - Online Verification ensures operation conforms to spec
          - Small Code Base

Background
  - Intrusion Tolerant Server
      - Redundancy & Diversity
      - Hardened Proxy
          - StackGuard
          - Online Verifiers
          - Small Code Base
      - HIDS/NIDS/app-IDS
          - EMERALD/Snort

Mechanism Summary
  - Proxy
      - Limits access to app servers
      - Sanitizes some suspicious requests
  - IDS
      - Detect attacks, anomalous traffic
      - Trigger response mechanism
  - Adaptive agreement policy
      - Corroborates response to client
      - Identifies malfunctioning servers
  - Challenge-response
      - Integrity and liveness
      - Triggers response mechanism
  - On-line verification
      - Ensures correct proxy functionality
      - Triggers response mechanism
  - Periodic reboot

System Components
  - Application Servers
      - Solaris, Win2k, RedHat, FreeBSD
  - IDS
  - Proxy
      - RedHat-6.2
      - Our own code base
[Diagram labels: MS Win2k IIS; Solaris 8 (Sparc5) Apache; eXpert-BSM; RedHat 7.1 iPlanet; FreeBSD 4.2 Apache; App-IDS; eXpert-Net; eBayes-TCP; eBayes-Blue; Snort; RedHat 6.2 Proxy; eAggregator; C-R]

Agreement Policies
  - Benign - Each request dealt to one app server
  - Duplex (default regime at system start) - Each request sent to two app servers
  - Triplex - Each request sent to three app servers
  - Quad - Each request sent to four app servers
  - Transition to a more permissive regime after some time of normal activity
Policy regime is specified as (N, K): N servers are polled, K must agree. (3,3) is the regime obtained if (4,3) is in effect and one server is diagnosed faulty. While it is repaired, full agreement is required of the rest.
[Diagram: Policy/Regime: (1,1), (2,2), (3,3), (4,4), (4,3)]
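
The (N, K) agreement check from the Agreement Policies slide, as an added Python example (not code from the presentation or from the authors' proxy). Server names and page content are constructed; requiring K to be a majority of N, and moving to (N-1, N-1) after any diagnosed fault, are assumptions that generalize the slide's (4,3) to (3,3) case.

```python
import hashlib
from collections import Counter

def corroborate(responses, k):
    """Apply an (N, K) regime to one request.

    responses maps each of the N polled servers to the body it returned.
    Returns (body, suspects): the body at least k servers agree on, or None
    if there is no such body, plus the servers that answered differently.
    """
    n = len(responses)
    if not n / 2 < k <= n:
        raise ValueError("K must be a majority of the N polled servers")
    # The slides assume correct servers give identical answers, so a digest
    # of the raw body is enough to compare them.
    digests = {s: hashlib.sha256(b).hexdigest() for s, b in responses.items()}
    winner, votes = Counter(digests.values()).most_common(1)[0]
    if votes < k:
        return None, []          # no quorum: nothing is released to the client
    body = next(b for s, b in responses.items() if digests[s] == winner)
    return body, sorted(s for s, d in digests.items() if d != winner)

def regime_after_fault(n, suspects):
    """Servers under repair are not polled; the rest must agree fully."""
    remaining = n - len(suspects)
    if remaining < 1:
        raise ValueError("no servers left to poll")
    return remaining, remaining

def demo():
    page = b"<html>plan v7</html>"                     # constructed content
    replies = {"win2k-iis": b"<html>defaced</html>",   # constructed names
               "solaris-apache": page,
               "redhat-iplanet": page,
               "freebsd-apache": page}
    body, suspects = corroborate(replies, k=3)             # regime (4, 3)
    regime = regime_after_fault(len(replies), suspects)    # becomes (3, 3)
    healthy = {s: b for s, b in replies.items() if s not in suspects}
    body2, suspects2 = corroborate(healthy, k=regime[1])
    return body, suspects, regime, body2, suspects2

if __name__ == "__main__":
    print(demo())
```

When no quorum is reached the function returns no body and no suspects, which is the point at which the Response slide's escalation steps (for example increasing the agreement regime) would apply.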

Proxy in Detail
[Diagram labels: e-Aggregator, Challenge Response, Repair Manager, Proxy Server, Regime Manager, Alert Manager; Policy/Regime: (1,1), (2,2), (3,3), (4,4), (4,3)]

Response
  - Temporarily blocking the address from where attack seems to originate
  - Increasing agreement regime
  - Increasing frequency and coverage of challenge-response protocol
  - Disconnecting and rebooting a server
  - Refusing service and alerting the sys admin

Publications and Presentations
  - “Dependable Intrusion Tolerance”, Tenth Annual Conference on Security Protocols, Cambridge, UK, April 02
  - “An Adaptive Intrusion Tolerant Server Architecture”, Workshop on Intrusion Tolerant Systems, DSN02, June 02
  - “Combining Monitors for Run-Time System Verification”, Workshop on Runtime Verification (RV'02), International Conference on Computer Aided Verification, Copenhagen, Denmark, July 02; Electronic Notes in Theoretical Computer Science, vol. 70, number 4

Validation
  - Diversity
      - Direct detection on external network (IDS sensors)
      - Symptom detection on the private network (proxy)
      - Agreement
      - Challenge response protocols
  - Performance
      - Preliminary Results
  - Resistance to attacks
      - Compiling a list of existing Web exploits to run them against the implementation
      - Formal verification of appropriate components
      - Red teaming

Plans
  - Address dynamic content
  - Refine alert, detection, response mechanisms
  - Validation and experimentation
  - Transition