Presentation is loading. Please wait.

Presentation is loading. Please wait.

An Adaptive Intrusion-Tolerant Architecture Alfonso Valdes, Tomas Uribe, Magnus Almgren, Steven Cheung, Yves Deswarte, Bruno Dutertre, Josh Levy, Hassen.

Published byAlexander Goodman Modified over 9 years ago

Similar presentations

Presentation on theme: "An Adaptive Intrusion-Tolerant Architecture Alfonso Valdes, Tomas Uribe, Magnus Almgren, Steven Cheung, Yves Deswarte, Bruno Dutertre, Josh Levy, Hassen."— Presentation transcript:

1 An Adaptive Intrusion-Tolerant Architecture Alfonso Valdes, Tomas Uribe, Magnus Almgren, Steven Cheung, Yves Deswarte, Bruno Dutertre, Josh Levy, Hassen Saïdi Acknowledgements Research sponsored under DARPA Contract N66001-00-C-8058. Views presented are those of the authors and do not represent the views of DARPA or the Space and Naval Warfare Systems Center

2 Outline t Assumptions t Background t System Components t The Single Proxy t Mechanisms t Validation and Future Work

3 Schedule Adapt Hacked Dependable Intrusion Tolerance Contain Recover New Ideas Impact  Detect cyber system deviation resulting from attacks,  Contain the attacked resource,  Adapt system resources, and  Recover lost functionality over time  Assures integrity and availability of mission critical content provision services such as plan distribution  Critical service providers function even when under attack  Distributed content is accurate, despite hacker’s malicious changes  Automatic recovery lets operators focus on primary mission

4 Assumptions t Attacker does not have physical access t Flood/overrun attacks are not addressed t Not all replicates are vulnerable to the same attack t No attack can simultaneously compromise more than a critical fraction of the COTS Servers t Correct servers all give the same answer to a given request t Focus is on integrity and availability, but system is compatible with mechanisms for confidentiality

5 Background t Intrusion Tolerant Server

6 Background t Intrusion Tolerant Server u Redundancy & Diversity

7 Background t Intrusion Tolerant Server u Redundancy & Diversity u Hardened Proxy l StackGuard l Online Verification ensures operation conforms to spec l Small Code Base

8 Background t Intrusion Tolerant Server u Redundancy & Diversity u Hardened Proxy l StackGuard l Online Verifiers l Small Code Base u HIDS/NIDS/app-IDS l EMERALD/Snort

9 Mechanism Summary t Proxy u Limits access to app servers u Sanitizes some suspicious requests t IDS u Detect attacks, anomalous traffic u Trigger response mechanism t Adaptive agreement policy u Corroborates response to client u Identifies malfunctioning servers t Challenge-response u Integrity and liveness u Triggers response mechanism t On-line verification u Ensures correct proxy functionality u Triggers response mechanism t Periodic reboot

10 System Components t Application Servers u Solaris, Win2k, RedHat, FreeBSD t IDS t Proxy u RedHat-6.2 u Our own code base MS Win2k IIS Solaris 8 (Sparc5) Apache eXpert-BSM RedHat 7.1 iPlanet FreeBSD 4.2 Apache App-IDS eXpert-Net eBayes-TCP eBayes-Blue Snort RedHat 6.2 Proxy eAggregator C-R

11 Agreement Policies t Benign - Each request dealt to one app server t Duplex (default regime at system start) - Each request sent to two app servers t Triplex - Each request sent to three app servers t Quad - Each request sent to four app servers t Transition to a more permissive regime after some time of normal activity Policy regime is specified as (N, K), N servers are polled, K must agree. (3,3) is the regime obtained if (4, 3) is in effect and one server is diagnosed faulty. While it is repaired, full agreement is required of the rest. 1,12,23,34,4 4,3 Policy/Regime

12 Proxy in Detail e-Aggregator Challenge Response Repair Manager Proxy Server Regime Manager Alert Manager 1,12,23,34,4 4,3 Policy/Regime

13 Response t Temporarily blocking the address from where attack seems to originate t Increasing agreement regime t Increasing frequency and coverage of challenge-response protocol t Disconnecting and rebooting a server t Refusing service and alerting the sys admin

14 Publications and Presentations t “Dependable Intrusion Tolerance”, Tenth Annual Conference on Security Protocols, Cambridge, UK, April 02 t “An Adaptive Intrusion Tolerant Server Architecture” Workshop on Intrusion Tolerant Systems, DSN02, June 02 t “Combining Monitors for Run-Time System Verification”, Workshop on Runtime Verification (RV'02) International Conference on Computer Aided Verification, Copenhagen, Denmark, July 02 Electronic Notes in Theoretical Computer Science, vol. 70, number 4

15 Validation t Diversity u Direct detection on external network (IDS sensors) u Symptom detection on the private network (proxy) u Agreement u Challenge response protocols t Performance u Preliminary Results t Resistance to attacks u Compiling a list of existing Web exploits to run them against the implementation u Formal verification of appropriate components u Red teaming

16 Plans t Address dynamic content t Refine alert, detection, response mechanisms t Validation and experimentation t Transition

Download ppt "An Adaptive Intrusion-Tolerant Architecture Alfonso Valdes, Tomas Uribe, Magnus Almgren, Steven Cheung, Yves Deswarte, Bruno Dutertre, Josh Levy, Hassen."

Similar presentations

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA.

DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA.
Critical Software Security Through Replication and Virtualization A Research Proposal Dennis Edwards Sharon Simmons Arangamanikkannan Manickam.

Critical Software Security Through Replication and Virtualization A Research Proposal Dennis Edwards Sharon Simmons Arangamanikkannan Manickam.
Making Services Fault Tolerant

Making Services Fault Tolerant
1 Intrusion Tolerance for NEST Bruno Dutertre, Steven Cheung SRI International NEST 2 Kickoff Meeting November 4, 2002.

1 Intrusion Tolerance for NEST Bruno Dutertre, Steven Cheung SRI International NEST 2 Kickoff Meeting November 4, 2002.
1 Building Reliable Web Services: Methodology, Composition, Modeling and Experiment Pat. P. W. Chan Department of Computer Science and Engineering The.

1 Building Reliable Web Services: Methodology, Composition, Modeling and Experiment Pat. P. W. Chan Department of Computer Science and Engineering The.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
1 Quality Objects: Advanced Middleware for Wide Area Distributed Applications Rick Schantz Quality Objects: Advanced Middleware for Large Scale Wide Area.

1 Quality Objects: Advanced Middleware for Wide Area Distributed Applications Rick Schantz Quality Objects: Advanced Middleware for Large Scale Wide Area.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
1 Steve Chenoweth Tuesday, 10/18/11 Week 7, Day 2 Right – One view of the layers of ingredients to an enterprise security program. From www.451group.com/security/451_security.php.www.451group.com/security/451_security.php.

1 Steve Chenoweth Tuesday, 10/18/11 Week 7, Day 2 Right – One view of the layers of ingredients to an enterprise security program. From
UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.

UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
Computer Security: Principles and Practice

Computer Security: Principles and Practice
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
1 Making Services Fault Tolerant Pat Chan, Michael R. Lyu Department of Computer Science and Engineering The Chinese University of Hong Kong Miroslaw Malek.

1 Making Services Fault Tolerant Pat Chan, Michael R. Lyu Department of Computer Science and Engineering The Chinese University of Hong Kong Miroslaw Malek.
Network and Systems Security Security Awareness, Risk Management, Policies and Network Architecture.

Network and Systems Security Security Awareness, Risk Management, Policies and Network Architecture.
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep

Similar presentations

Ads by Google