Survival by Defense-Enabling. Partha Pal, Franklin Webber, Richard Schantz, BBN Technologies LLC. Proceedings of the Foundations of Intrusion Tolerant Systems (2003)


1 Survival by Defense-Enabling. Partha Pal, Franklin Webber, Richard Schantz, BBN Technologies LLC. Proceedings of the Foundations of Intrusion Tolerant Systems (2003). Presented by J.H. Su

2 Authors (1/3) Partha Pal: a Division Scientist at BBN Technologies. His research interest is in the area of survivable distributed systems.

3 Authors (2/3) Franklin Webber: a software engineer who has primarily supported BBN Technologies' DARPA-sponsored research on strengthening the resistance of computer systems to malicious attack.

4 Authors (3/3) Richard Schantz: works in the Intelligent Distributed Computing Department at BBN.

5 Outline: Introduction; "Survival by Defense" of Critical Applications; Acquisition of Privilege; Control of Resources; Use of Defensive Adaptation in an Application's Survival; Issues and Limitations; Related Work; Conclusion

6 Introduction (1/4) Attack survival: the ability to provide some level of service despite an ongoing attack, by tolerating its impact.

7 Introduction (2/4) Attack prevention: led to the development of what is known as a trusted computing base (TCB). Attack detection and situational awareness: led to the development of various intrusion detection systems (IDSs).

8 Trusted Computing Base (TCB): confidentiality, authentication, integrity.

9 Introduction (3/4) Drawbacks: In fact, many of the world's computer systems today run operating systems and networking software that are far from the TCB ideal. IDSs mostly work off-line, without any direct runtime interaction or coordination with the applications they aim to protect (or with other IDSs).

10 Introduction (4/4) Survival by protection: seeks to prevent the attacker from gaining privileges. Survival by defense: includes protection, but also seeks to frustrate an attacker in case protection fails and the attacker gains some privileges anyway.

11 "Survival by Defense" of Critical Applications (1/5) Focus: the specific needs of a specific type of application. What is a critical application? These applications are critical in the sense that the functions they implement are the main purpose of the computer system on which they run.

12 "Survival by Defense" of Critical Applications (2/5) Assumption: we can modify or extend the design and implementation of the critical application.

13 "Survival by Defense" of Critical Applications (3/5) Corruption: an application that does not function correctly. Reasons an application becomes corrupted: an accident, such as a hardware failure, or malice; flaws in its environment or in its own implementation cause it to misbehave.

14 "Survival by Defense" of Critical Applications (5/5) The goal: the attacker's acquisition of privileges must be slowed down, and the defense must respond and adapt to the privileged attacker's abuse of resources.

15 Acquisition of Privilege (1/4) Divide the system into several security domains, each with its own set of privileges. The domains are chosen and configured to make the best use of the existing protection in the environment, so as to limit the spread of privilege. The domains must not overlap. Each security domain may offer many different kinds of privilege. The attacker cannot accumulate privileges in any such set of domains concurrently; they must be acquired one domain at a time.

16 Acquisition of Privilege (2/4) Kinds of privilege: anonymous user privilege; domain user privilege; domain administrator privilege; application-level privilege.

17 Acquisition of Privilege (3/4) Three ways for an attacker to gain new privileges: (1) convert domain user or anonymous user privilege into domain administrator privilege; (2) convert domain administrator privilege in one domain into domain administrator privilege in another; (3) convert domain administrator privilege into application-level privilege.

18 Acquisition of Privilege (4/4) Countermeasure for case 1: careful configuration of hosts and firewalls. Countermeasure for case 2: proper host configuration and administration, and a heterogeneous environment with various types of hardware and operating systems, so that the exploit that took one domain does not work against the next. Countermeasure for case 3: use cryptographic techniques, so that holding a host does not by itself yield the application's keys.

19 Control of Resources (1/3) The attacker and the critical application compete over system resources. Means of keeping control: use of redundancy; monitoring; adaptation.

20 Control of Resources (2/3) Use of redundancy: replicate every essential part of the application and place the replicas in different domains. The replicas must be coordinated to ensure that, as a group, they will not be corrupted when the attacker succeeds in corrupting some of them.
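The redundancy rule on this slide, worked through as an added example that is not code from the paper or from the APOD project. It assumes (my assumptions, not the authors') that an attacker with administrator privilege in a domain can corrupt every replica placed there, that corrupted replicas collude on one wrong value, and that the group coordinates by strict majority vote. The domain names, replica names and the stand-in application function are constructed for the example. It shows why the placement matters: three replicas in one domain tolerate the loss of no domain at all, while the same three spread over three domains tolerate the loss of one.

```python
from collections import Counter
from typing import Dict, List, Optional, Set

def compute(x: int) -> int:
    """Stand-in for the critical application's essential function."""
    return x * x

class Replica:
    """One replica of an essential component, living in exactly one security domain."""
    def __init__(self, name: str, domain: str):
        self.name, self.domain = name, domain

    def answer(self, x: int, corrupted_domains: Set[str]) -> int:
        # Assumption: domain administrator privilege lets the attacker corrupt every
        # replica in that domain, and corrupted replicas collude on one bad value.
        if self.domain in corrupted_domains:
            return -1
        return compute(x)

def place(placement: Dict[str, List[str]]) -> List[Replica]:
    """Build replicas from a {domain: [replica names]} placement (constructed input)."""
    return [Replica(n, d) for d, names in placement.items() for n in names]

def group_answer(replicas: List[Replica], x: int,
                 corrupted_domains: Set[str]) -> Optional[int]:
    """Coordinate by majority vote: the value a strict majority agrees on, else None.

    A returned -1 means the attacker's replicas formed the majority, i.e. the
    group as a whole has been corrupted.
    """
    votes = Counter(r.answer(x, corrupted_domains) for r in replicas)
    value, count = votes.most_common(1)[0]
    return value if 2 * count > len(replicas) else None

def tolerable_domain_losses(placement: Dict[str, List[str]]) -> int:
    """Largest k such that an attacker holding ANY k domains still cannot corrupt the group.

    Worst case for the defender: the attacker takes the domains with the most
    replicas first, so we add domain sizes in descending order until the
    attacker would hold at least half of the replicas.
    """
    n = sum(len(v) for v in placement.values())
    sizes = sorted((len(v) for v in placement.values()), reverse=True)
    corrupted, k = 0, 0
    for s in sizes:
        if 2 * (corrupted + s) >= n:
            break
        corrupted += s
        k += 1
    return k

if __name__ == "__main__":
    spread = {"dmz": ["r1"], "corp": ["r2"], "lab": ["r3"]}      # one replica per domain
    single = {"dmz": ["r1", "r2", "r3"]}                          # all replicas in one domain
    print(group_answer(place(spread), 7, {"dmz"}))               # 49: honest majority survives
    print(group_answer(place(single), 7, {"dmz"}))               # -1: one domain took the group
    print(tolerable_domain_losses(spread), tolerable_domain_losses(single))   # 1 0
```

The general bound this reproduces is the usual one for voting-based coordination: with one replica per domain, the group survives the attacker holding f domains only if it has at least 2f + 1 replicas; piling several replicas into one domain wastes them, because they fall together. The toy majority vote is a stand-in for the real coordination protocol, which is not specified on this slide.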

21 Control of Resources (3/3) Monitoring: QoS monitoring, and self-checking of whether the application continues to satisfy invariants specified by its developers.

22 Use of Defensive Adaptation in an Application's Survival (1/4) A classification of defensive adaptations. Dimension 1: the level of the system architecture at which the adaptation works. Dimension 2: how aggressively the attack is countered.

23 Use of Defensive Adaptation in an Application's Survival (2/4)

                         Defeat attack          Work around attack              Guard against future attack
  Application level      Retry failed request   Redirect request; degrade       Increase self-checking
                                                service
  QoS management level   Reserve CPU,           Migrate replicas                Tighten cryptographic and
                         bandwidth                                              access controls
  Infrastructure level   Block IP sources       Change ports, protocols         Configure IDSs

24 Use of Defensive Adaptation in an Application's Survival (3/4) The importance of the capability to switch between the various modes, and the trade-offs that come with each switch. Defensive adaptation is mostly reactive; it could also be pro-active.

25 Use of Defensive Adaptation in an Application's Survival (4/4) Make these adaptive responses unpredictable: some uncertainty needs to be injected. Separate the design of the functional (or business) aspects of the application from the design of its defensive adaptation, and put the latter into middleware, where it is reusable for many different applications.
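An added example, not code from the paper or from the APOD middleware, tying together the monitoring slide (self-checking of developer-specified invariants) and the adaptation slides (the level-by-aggressiveness table, escalation between modes, pro-active use, and injected unpredictability). The invariants, the symptom-to-level mapping, the escalation ladder (repeat the same symptom and the response moves from "defeat" to "work around" to "guard") and the port and domain pools are all assumptions made for this example; the action names are the ones in the table above.

```python
import random
from collections import Counter
from typing import Optional

def check_invariants(state: dict) -> list:
    """Self-check: return the names of invariants the application state violates.

    The three invariants are constructed for the example; a real application
    would supply its own, as the monitoring slide says its developers specify them.
    """
    violated = []
    if state["queue_len"] > state["queue_cap"]:
        violated.append("queue_overflow")            # a resource is being exhausted
    if state["errors"] > 0.2 * max(state["requests"], 1):
        violated.append("error_rate")                # more than 20% of requests failed
    if 2 * state["alive_replicas"] <= state["total_replicas"]:
        violated.append("lost_majority")             # redundancy is no longer safe
    return violated

# Dimension 1: which architectural level handles each symptom (assumed mapping).
LEVEL_FOR = {"error_rate": "application", "queue_overflow": "qos",
             "lost_majority": "qos", "flood_from_ip": "infrastructure"}

# Dimension 2, in increasing aggressiveness.
STANCES = ["defeat", "work_around", "guard"]

# The (level, stance) table from the slide, one representative action per cell.
TABLE = {
    ("application", "defeat"): "retry_request",
    ("application", "work_around"): "redirect_request",
    ("application", "guard"): "increase_self_checking",
    ("qos", "defeat"): "reserve_cpu",
    ("qos", "work_around"): "migrate_replica",
    ("qos", "guard"): "tighten_access_control",
    ("infrastructure", "defeat"): "block_ip",
    ("infrastructure", "work_around"): "change_port",
    ("infrastructure", "guard"): "configure_ids",
}

class AdaptationManager:
    """Middleware-side policy: pick a response, escalate on recurrence, randomise the details."""
    def __init__(self, domains, ports, current_port, rng=None):
        self.domains = list(domains)          # where replicas may be migrated to
        self.ports = list(ports)              # pool the service may move between
        self.current_port = current_port
        self.rng = rng or random.Random()     # injected uncertainty lives here
        self.seen = Counter()                 # how often each symptom has recurred
        self.blocked = set()
        self.self_check_interval = 60.0

    def _fresh(self, pool, current):
        """Uniformly random choice that differs from the current value."""
        return self.rng.choice([p for p in pool if p != current])

    def respond(self, symptom: str, source_ip: Optional[str] = None) -> dict:
        """Reactive adaptation: choose and parameterise an action for one observed symptom."""
        self.seen[symptom] += 1
        stance = STANCES[min(self.seen[symptom] - 1, len(STANCES) - 1)]
        action = TABLE[(LEVEL_FOR[symptom], stance)]
        params = {}
        if action == "block_ip" and source_ip:
            self.blocked.add(source_ip)
            params["ip"] = source_ip
        elif action == "change_port":
            self.current_port = self._fresh(self.ports, self.current_port)
            params["port"] = self.current_port    # attacker cannot predict which one
        elif action == "migrate_replica":
            params["to_domain"] = self.rng.choice(self.domains)
        elif action == "increase_self_checking":
            self.self_check_interval /= 2
            params["interval_s"] = self.self_check_interval
        return {"symptom": symptom, "stance": stance, "action": action, **params}

    def proactive_rotation(self) -> int:
        """Pro-active adaptation: move the port on a schedule even when nothing was observed."""
        self.current_port = self._fresh(self.ports, self.current_port)
        return self.current_port

if __name__ == "__main__":
    mgr = AdaptationManager(["dmz", "corp", "lab"], [8080, 8443, 9000, 9443], 8080)
    # Constructed telemetry: the request queue has overflowed, everything else is healthy.
    state = {"queue_len": 10, "queue_cap": 8, "errors": 1, "requests": 100,
             "alive_replicas": 2, "total_replicas": 3}
    for symptom in check_invariants(state):
        print(mgr.respond(symptom))
    for _ in range(3):                                  # the same flood keeps coming back
        print(mgr.respond("flood_from_ip", "203.0.113.9"))
```

Two design points the code makes explicit. The functional code (the invariants) knows nothing about ports, domains or IDSs; that separation is what lets the manager sit in middleware and be reused. And every randomised choice goes through one injectable RNG, which is also what the slide on issues warns about: the escalation ladder assumes symptoms recur one at a time, so a single combined campaign would walk the ladder in the order the attacker chose.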

26 Issues and Limitations The reliance on cryptographic systems. It is not simple to combine multiple mechanisms in a defense strategy: selection of the appropriate mechanism, and analysis and resolution of potential conflicts between mechanisms, have to be done manually by an expert. The approach relies on the assumption that attacks proceed sequentially, one domain at a time.

27 Related Work MAFTIA: an ESPRIT project developing an open architecture for transactional operations on the Internet. The "Survivability Architectures" project: aims to separate survivability requirements from an application's functional requirements. The "An Aspect-Oriented Security Assurance Solution" project: implements security-related code transformations on an application program.

28 Conclusion The authors are implementing technology for defense-enabling under the DARPA project titled "Applications that Participate in their Own Defense" (APOD). Defense-enabling can increase an application's resistance to malicious attack: greater survivability for the application on its own, and an increased chance for system administrators to detect and thwart the attack before it succeeds.

29 Thanks for listening

