Secure Proactive Recovery – a Hardware Based Mission Assurance Scheme

Presentation on theme: "Secure Proactive Recovery – a Hardware Based Mission Assurance Scheme"— Presentation transcript:

1 Secure Proactive Recovery – a Hardware Based Mission Assurance Scheme
Ruchika Mehresh (1), Shambhu J. Upadhyaya (1), Kevin Kwiat (2)
(1) Department of Computer Science and Engineering, State University of New York at Buffalo, NY, USA
(2) Air Force Research Laboratory, Rome, NY, USA
Research Supported in Part by ITT Grant No J and NSF Grant No. DUE
6th International Conference on Information Warfare and Security, 2011

2 Outline Structure
- Motivation
- Threat model
- System design
- Performance analysis
- Conclusion

3 Motivation
Mission assurance
Goals
- Survivability
- Security
- Fault tolerance
- Low cost (Time overhead)
- Adaptation and evolution
Feasibility study
- Long running applications
- Prevention → Detection → Recovery
- Hardware-based
- Smart defender

4 Outline Structure
- Motivation
- Threat model
- System design
- Performance analysis
- Conclusion

5 Threat Model
- Time diversity
- Spatial diversity
- Reactive recovery
- Proactive recovery
- Byzantine fault tolerance

6 The Quiet Invader
Smart attacker
- Makes decisions to maximize the potential of achieving their objectives based on dynamic information
Quiet invader
- Camouflages to buy more time
- Plans to attack the mission during a critical stage (Why?)
- Example: Long running countdown for a space shuttle launch that runs for several hours

7 Outline Structure
- Motivation
- Threat model
- System design
- Performance analysis
- Conclusion

8 [Figure: system design diagram. Labels: Coordinator; Workload; Replica 1, Replica 2, Replica 3, ..., Replica n (each marked H, C, R); Periodic checkpoint; Hardware Signature]

9 Hardware Signature Generation
[Figure; surviving labels: IDS, System reg]

10 Outline Structure
- Motivation
- Threat model
- System design
- Performance analysis
- Conclusion

11 Performance Analysis
Cases
- Case 1: Systems with no checkpointing
- Case 2: Systems with checkpointing, no failures/attacks
- Case 3: Systems with checkpointing, failures/attacks
Workload
- Java SciMark 2.0 benchmark workloads: FFT, SOR, Sparse, LU
- Multi-step simulation based evaluation approach [Reference: Mehresh, R., Upadhyaya, S. and Kwiat, K. (2010) “A Multi-Step Simulation Approach Toward Fault Tolerant system Evaluation”, Third International Workshop on Dependable Network Computing and Mobile Systems, October]

12 Results

13 Results
Table 1: Execution times (in hours) for the SciMark workloads across three cases

                 FFT       LU       SOR       Sparse
Case 1           3421.09   222.69   13.6562   23.9479
Case 2                     226.36
Case 3 (M=10)              249.08
Case 3 (M=25)              233.83

14 Results

15 Results

16 Results
Table: Approximate optimal checkpoint interval values and their corresponding workload execution times for LU (Case 3) at different values of M

                                      M=5      M=10     M=15     M=25
Optimal checkpoint interval (hours)   0.3      0.5      0.65     0.95
Execution time (hours)                248.97   241.57   238.16   235.06

17 Outline Structure
- Motivation
- Threat model
- System design
- Performance analysis
- Conclusion

18 Conclusion
- Low cost solution to secure proactive recovery
- Mission survivability
- Utilized redundant hardware
- Small overhead in absence of failures
- Effective preventive measure
Future work
- To evaluate this scheme for a distributed system

19 Thank You !!

