Presentation is loading. Please wait.

Presentation is loading. Please wait.

Randomized Failover Intrusion Tolerant Systems (RFITS) Ranga Ramanujan Noel Schmidt Architecture Technology Corporation Odyssey Research Associates DARPA.

Published byLenard Ramsey Modified over 9 years ago

Similar presentations

Presentation on theme: "Randomized Failover Intrusion Tolerant Systems (RFITS) Ranga Ramanujan Noel Schmidt Architecture Technology Corporation Odyssey Research Associates DARPA."— Presentation transcript:

1 Randomized Failover Intrusion Tolerant Systems (RFITS) Ranga Ramanujan Noel Schmidt Architecture Technology Corporation Odyssey Research Associates DARPA Intrusion Tolerant Systems Program

2 Architecture Technology Corporation/Odyssey Research Associates Application Domain Comparison Situational awareness Representation of real-time Hard real-time Examples –Air traffic control –Sonar data processing Data collection &dissemination Up-to-date and historical data Soft real-time Examples –Intelligence gathering –MDDS Server to WarfighterSensor to Warfighter

3 Architecture Technology Corporation/Odyssey Research Associates Technical Challenge Key challenges to building a high availability intrusion tolerant system –maintaining error detection coverage for an evolving fault set –sustaining required error recovery coverage in spite of intentional faults

4 Architecture Technology Corporation/Odyssey Research Associates Research Objectives Develop general design principles, collectively called RFITS, for building robust information systems that can sustain correct operation in spite of intrusion-induced DOS attacks –Focus on real-time, high availability military systems Validate and demonstrate effectiveness of RFITS –establish generality of RFITS architecture and techniques –build prototype of RFITS-based system –derive performance characteristics via experimentation and simulations –perform joint experimentation with other IA&S efforts

5 Architecture Technology Corporation/Odyssey Research Associates RFITS Approach Randomized failover process Randomized distribution of service requests among redundant (and possibly diverse) servers Semantic integrity checks at subsystem service boundaries Hierarchical recovery management Systems engineering methodology for deriving a layered intrusion tolerant architecture

6 Architecture Technology Corporation/Odyssey Research Associates Strawman RFITS Methodology The system engineering methodology consists of the application of the following processes: –Analysis of the operational, systems, and technical architecture to identify the threats –Derivation of fault model for the system under study –FMEA/FMECA driven design of error detection mechanisms –FMEA driven design of failover policy –End-to-end threads analyses Applied RFITS methodology to tactical ad hoc networks to derive an intrusion tolerant architecture, i.e., TIARA

7 Architecture Technology Corporation/Odyssey Research Associates Vulnerabilities of Ad Hoc Networks Resource depletion attack –intruder usurps network resources by injecting spurious traffic or by replaying traffic Flow disruption attack –intruder drops, corrupts, or delays data packets Route hijacking –intruder creates phantom routes

8 Architecture Technology Corporation/Odyssey Research Associates RFITS-Based TIARA Approach Collectively, TIARA mechanisms protect ad hoc networks against intrusion attacks on routing as well as data traffic

9 Architecture Technology Corporation/Odyssey Research Associates Risks Availability of sufficient number of candidate operational systems for study –Leverage FAA connections –Acquire openly available material on DoD systems Implementation of prototype with sufficient richness to demonstrate a range of RFITS derive intrusion tolerant mechanisms –Augment base system with simulations, if possible

10 Architecture Technology Corporation/Odyssey Research Associates Metrics Coverage of RFITS derived techniques –error detection –failover Lifecycle cost impact –deployment costs –operating costs Performance overhead

11 Architecture Technology Corporation/Odyssey Research Associates Major Achievements Handbook for building real-time, high-availability intrusion tolerant systems –RFITS system engineering methodology –RFITS-derived techniques for error detection and failover Demonstration of a prototype military application (e.g., air traffic surveillance system) built using RFITS

12 Architecture Technology Corporation/Odyssey Research Associates Task Schedule

13 Architecture Technology Corporation/Odyssey Research Associates Technology Transfer Transferable technology resulting from this effort –Design techniques (i.e., RFITS) for building intrusion tolerant systems Technology transition avenues include –Strategic alliances with DoD system integration contractors –Collaboration with DoD Technology Transition organizations –Leverage relationship with the FAA –Publications

Download ppt "Randomized Failover Intrusion Tolerant Systems (RFITS) Ranga Ramanujan Noel Schmidt Architecture Technology Corporation Odyssey Research Associates DARPA."

Similar presentations

A PERFORMANCE BASED GLOBAL AIR NAVIGATION SYSTEM: PART II

A PERFORMANCE BASED GLOBAL AIR NAVIGATION SYSTEM: PART II
Mafijul Islam, PhD Software Systems, Electrical and Embedded Systems Advanced Technology & Research Research Issues in Computing Systems: An Automotive.

Mafijul Islam, PhD Software Systems, Electrical and Embedded Systems Advanced Technology & Research Research Issues in Computing Systems: An Automotive.
Josh Alcorn Larry Brachfeld An in depth review of ad hoc mobile network & cloud security concerns.

Josh Alcorn Larry Brachfeld An in depth review of ad hoc mobile network & cloud security concerns.
DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA.

DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA.
Randomized Failover Intrusion Tolerant Systems (RFITS) Ranga Ramanujan Doug Long Architecture Technology Corporation Odyssey Research Associates DARPA.

Randomized Failover Intrusion Tolerant Systems (RFITS) Ranga Ramanujan Doug Long Architecture Technology Corporation Odyssey Research Associates DARPA.
1 Intrusion Tolerance for NEST Bruno Dutertre, Steven Cheung SRI International NEST 2 Kickoff Meeting November 4, 2002.

1 Intrusion Tolerance for NEST Bruno Dutertre, Steven Cheung SRI International NEST 2 Kickoff Meeting November 4, 2002.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Variability Oriented Programming – A programming abstraction for adaptive service orientation Prof. Umesh Bellur Dept. of Computer Science & Engg, IIT.

Variability Oriented Programming – A programming abstraction for adaptive service orientation Prof. Umesh Bellur Dept. of Computer Science & Engg, IIT.
Randomized Failover Intrusion- Tolerant Systems (RFITS) Ranga Ramanujan, Maher Kaddoura, John Wu, Clint Sanders, Doug Harper, David Baca Architecture Technology.

Randomized Failover Intrusion- Tolerant Systems (RFITS) Ranga Ramanujan, Maher Kaddoura, John Wu, Clint Sanders, Doug Harper, David Baca Architecture Technology.
Arsitektur Jaringan Terkini

Arsitektur Jaringan Terkini
Report on Intrusion Detection and Data Fusion By Ganesh Godavari.

Report on Intrusion Detection and Data Fusion By Ganesh Godavari.
An Effective Placement of Detection Systems for Distributed Attack Detection in Large Scale Networks Telecommunication and Security LAB. Dept. of Industrial.

An Effective Placement of Detection Systems for Distributed Attack Detection in Large Scale Networks Telecommunication and Security LAB. Dept. of Industrial.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
Challenge: Securing Routing Protocols Adrian Perrig

Challenge: Securing Routing Protocols Adrian Perrig
Protocol Engineering Research Center P. M. Melliar-Smith U.C. Santa Barbara M. G. Baker Stanford J. J. Garcia-Luna-Aceves U.C. Santa Cruz J. C. Hou Ohio.

Protocol Engineering Research Center P. M. Melliar-Smith U.C. Santa Barbara M. G. Baker Stanford J. J. Garcia-Luna-Aceves U.C. Santa Cruz J. C. Hou Ohio.
WPDRTS ’05 1 Workshop on Parallel and Distributed Real-Time Systems 2005 April 4th and 5th, 2005, Denver, Colorado Challenge Problem Session Detection.

WPDRTS ’05 1 Workshop on Parallel and Distributed Real-Time Systems 2005 April 4th and 5th, 2005, Denver, Colorado Challenge Problem Session Detection.
Using Architecture Frameworks

Using Architecture Frameworks
UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.

UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.
Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.
Stephen S. Yau CSE465 & CSE591, Fall 2006 1 Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

Similar presentations

Ads by Google