Probabilistic Validation of an Intrusion-Tolerant Replication System

Sankalp Singh, Michel Cukier, William H. Sanders

Research output: Contribution to conferencePaper

Abstract

As computer systems become more complex and more widely distributed, it is becoming increasingly difficult to remove all vulnerabilities that can potentially be exploited by intruders. Intrusion tolerance is an emerging approach that aims to enable systems to continue functioning in spite of successful intrusions. Before intrusion tolerance is accepted as an approach to security, there must be quantitative techniques to measure its efficacy. However, there have been very few attempts at quantitative validation of intrusion-tolerant systems or, for that matter, of security in general. In this paper, we show that probabilistic validation through stochastic modeling is an attractive mechanism for evaluating intrusion tolerance. We demonstrate our approach by using stochastic activity networks to quantitatively validate an intrusion-tolerant replication management system. We characterize the intrusion tolerance provided by the system through several measures defined on the model, and study variations in these measures in response to changes in system parameters to evaluate the relative merits of various design choices.

Original languageEnglish (US)
Pages615-624
Number of pages10
DOIs
StatePublished - Dec 1 2003
Event2003 International Conference on Dependable Systems and Networks - San Francisco, CA, United States
Duration: Jun 22 2003Jun 25 2003

Other

Other2003 International Conference on Dependable Systems and Networks
CountryUnited States
CitySan Francisco, CA
Period6/22/036/25/03

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Probabilistic Validation of an Intrusion-Tolerant Replication System'. Together they form a unique fingerprint.

  • Cite this

    Singh, S., Cukier, M., & Sanders, W. H. (2003). Probabilistic Validation of an Intrusion-Tolerant Replication System. 615-624. Paper presented at 2003 International Conference on Dependable Systems and Networks, San Francisco, CA, United States. https://doi.org/10.1109/DSN.2003.1209971