Probabilistic Validation of an Intrusion-Tolerant Replication System

Sankalp Singh, Michel Cukier, William H. Sanders

Research output: Contribution to conferencePaper

Abstract

As computer systems become more complex and more widely distributed, it is becoming increasingly difficult to remove all vulnerabilities that can potentially be exploited by intruders. Intrusion tolerance is an emerging approach that aims to enable systems to continue functioning in spite of successful intrusions. Before intrusion tolerance is accepted as an approach to security, there must be quantitative techniques to measure its efficacy. However, there have been very few attempts at quantitative validation of intrusion-tolerant systems or, for that matter, of security in general. In this paper, we show that probabilistic validation through stochastic modeling is an attractive mechanism for evaluating intrusion tolerance. We demonstrate our approach by using stochastic activity networks to quantitatively validate an intrusion-tolerant replication management system. We characterize the intrusion tolerance provided by the system through several measures defined on the model, and study variations in these measures in response to changes in system parameters to evaluate the relative merits of various design choices.

Original languageEnglish (US)
Pages615-624
Number of pages10
DOIs
StatePublished - Dec 1 2003
Event2003 International Conference on Dependable Systems and Networks - San Francisco, CA, United States
Duration: Jun 22 2003Jun 25 2003

Other

Other2003 International Conference on Dependable Systems and Networks
CountryUnited States
CitySan Francisco, CA
Period6/22/036/25/03

Fingerprint

Computer systems

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Cite this

Singh, S., Cukier, M., & Sanders, W. H. (2003). Probabilistic Validation of an Intrusion-Tolerant Replication System. 615-624. Paper presented at 2003 International Conference on Dependable Systems and Networks, San Francisco, CA, United States. https://doi.org/10.1109/DSN.2003.1209971

Probabilistic Validation of an Intrusion-Tolerant Replication System. / Singh, Sankalp; Cukier, Michel; Sanders, William H.

2003. 615-624 Paper presented at 2003 International Conference on Dependable Systems and Networks, San Francisco, CA, United States.

Research output: Contribution to conferencePaper

Singh, S, Cukier, M & Sanders, WH 2003, 'Probabilistic Validation of an Intrusion-Tolerant Replication System', Paper presented at 2003 International Conference on Dependable Systems and Networks, San Francisco, CA, United States, 6/22/03 - 6/25/03 pp. 615-624. https://doi.org/10.1109/DSN.2003.1209971
Singh S, Cukier M, Sanders WH. Probabilistic Validation of an Intrusion-Tolerant Replication System. 2003. Paper presented at 2003 International Conference on Dependable Systems and Networks, San Francisco, CA, United States. https://doi.org/10.1109/DSN.2003.1209971
Singh, Sankalp ; Cukier, Michel ; Sanders, William H. / Probabilistic Validation of an Intrusion-Tolerant Replication System. Paper presented at 2003 International Conference on Dependable Systems and Networks, San Francisco, CA, United States.10 p.
@conference{37b201b85f2e43c3b5e41dc634771b71,
title = "Probabilistic Validation of an Intrusion-Tolerant Replication System",
abstract = "As computer systems become more complex and more widely distributed, it is becoming increasingly difficult to remove all vulnerabilities that can potentially be exploited by intruders. Intrusion tolerance is an emerging approach that aims to enable systems to continue functioning in spite of successful intrusions. Before intrusion tolerance is accepted as an approach to security, there must be quantitative techniques to measure its efficacy. However, there have been very few attempts at quantitative validation of intrusion-tolerant systems or, for that matter, of security in general. In this paper, we show that probabilistic validation through stochastic modeling is an attractive mechanism for evaluating intrusion tolerance. We demonstrate our approach by using stochastic activity networks to quantitatively validate an intrusion-tolerant replication management system. We characterize the intrusion tolerance provided by the system through several measures defined on the model, and study variations in these measures in response to changes in system parameters to evaluate the relative merits of various design choices.",
author = "Sankalp Singh and Michel Cukier and Sanders, {William H.}",
year = "2003",
month = "12",
day = "1",
doi = "10.1109/DSN.2003.1209971",
language = "English (US)",
pages = "615--624",
note = "2003 International Conference on Dependable Systems and Networks ; Conference date: 22-06-2003 Through 25-06-2003",

}

TY - CONF

T1 - Probabilistic Validation of an Intrusion-Tolerant Replication System

AU - Singh, Sankalp

AU - Cukier, Michel

AU - Sanders, William H.

PY - 2003/12/1

Y1 - 2003/12/1

N2 - As computer systems become more complex and more widely distributed, it is becoming increasingly difficult to remove all vulnerabilities that can potentially be exploited by intruders. Intrusion tolerance is an emerging approach that aims to enable systems to continue functioning in spite of successful intrusions. Before intrusion tolerance is accepted as an approach to security, there must be quantitative techniques to measure its efficacy. However, there have been very few attempts at quantitative validation of intrusion-tolerant systems or, for that matter, of security in general. In this paper, we show that probabilistic validation through stochastic modeling is an attractive mechanism for evaluating intrusion tolerance. We demonstrate our approach by using stochastic activity networks to quantitatively validate an intrusion-tolerant replication management system. We characterize the intrusion tolerance provided by the system through several measures defined on the model, and study variations in these measures in response to changes in system parameters to evaluate the relative merits of various design choices.

AB - As computer systems become more complex and more widely distributed, it is becoming increasingly difficult to remove all vulnerabilities that can potentially be exploited by intruders. Intrusion tolerance is an emerging approach that aims to enable systems to continue functioning in spite of successful intrusions. Before intrusion tolerance is accepted as an approach to security, there must be quantitative techniques to measure its efficacy. However, there have been very few attempts at quantitative validation of intrusion-tolerant systems or, for that matter, of security in general. In this paper, we show that probabilistic validation through stochastic modeling is an attractive mechanism for evaluating intrusion tolerance. We demonstrate our approach by using stochastic activity networks to quantitatively validate an intrusion-tolerant replication management system. We characterize the intrusion tolerance provided by the system through several measures defined on the model, and study variations in these measures in response to changes in system parameters to evaluate the relative merits of various design choices.

UR - http://www.scopus.com/inward/record.url?scp=1542330099&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=1542330099&partnerID=8YFLogxK

U2 - 10.1109/DSN.2003.1209971

DO - 10.1109/DSN.2003.1209971

M3 - Paper

AN - SCOPUS:1542330099

SP - 615

EP - 624

ER -