Title :
Automating Intrusion Response via Virtualization for Realizing Uninterruptible Web Services
Author :
Huang, Yih ; Ghosh, Anup K.
Author_Institution :
Center for Secure Inf. Syst., George Mason Univ., Fairfax, VA, USA
Abstract :
We present a virtualization-based Web server system, a prototype, and experimental results for providing uninterrupted Web services in the presence of intrusion attacks and software faults. The proposed system utilizes replicated virtual servers managed by a closed-loop feedback controller. Using anomaly and intrusion sensor outputs, the controller calculates cost-weighted actions against threats to ensure Web service continuity. We will show that the system can handle broad classes of attacks. Experiment results show that our prototype retains 60% of its peak throughput under 8 DoS attacks per second over extended periods.
Keywords :
Web services; client-server systems; security of data; software fault tolerance; virtual machines; closed-loop feedback controller; intrusion response automation; software fault; uninterruptible Web service realization; virtualization-based Web server system; Actuators; Application virtualization; Availability; Computer applications; Computer architecture; Open source software; Software prototyping; Variable structure systems; Web server; Web services; automatic recovery; intrusion tolerance; service availability; trustworhy computing; web server security;
Conference_Titel :
Network Computing and Applications, 2009. NCA 2009. Eighth IEEE International Symposium on
Conference_Location :
Cambridge, MA
Print_ISBN :
978-0-7695-3698-9
Electronic_ISBN :
978-0-7695-3698-9
DOI :
10.1109/NCA.2009.37
