• DocumentCode
    3070381
  • Title

    Securing Web Servers Using Self Cleansing Intrusion Tolerance (SCIT)

  • Author

    Bangalore, Anantha K. ; Sood, Arun K.

  • Author_Institution
    George Mason Univ., Fairfax, VA, USA
  • fYear
    2009
  • fDate
    18-23 June 2009
  • Firstpage
    60
  • Lastpage
    65
  • Abstract
    The number of malware attacks is increasing, Companies have invested millions of dollars in intrusion detection and intrusion prevention (ID/IP) technologies and products, yet many web servers are hacked every year. The current reactive methods of security have proven to be inadequate because the ldquobad guysrdquo are always one step ahead of the Intrusion Detection/Intrusion Prevention community. Our research seeks to prove the feasibility of a completely new and innovative theory of server security called ldquoSelf-Cleansing Intrusion Tolerancerdquo (SCIT). SCIT shifts the focus from detection and prevention to containing losses. SCIT uses virtualization technology in a new and unique way to make it more difficult for attackers to do damage/acquire data by reducing a serverpsilas exposure time from several months to less than a minute. In this way we increase the dependability of the server and provide a new way to balance the trade-off between security and availability. We have applied SCIT to multiple types of servers (DNS, SSO and Web), in this paper we will focus on securing web servers using SCIT. Based on the results of load testing of a web application for various load scenarios under both scit and non-scit environments, we will clearly show that SCIT provides a high degree of security with little degradation in overall response time of the application.
  • Keywords
    Internet; security of data; Web application load testing; Web servers security; intrusion detection; intrusion prevention; malware attacks; self cleansing intrusion tolerance; server dependability; server exposure time; virtualization technology; Computer hacking; Data security; Degradation; Delay; Information security; Intrusion detection; Protection; Risk management; Testing; Web server; SCIT; exposuretime; persistence; pro-active; response time; virtualization; vmware; web server;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Dependability, 2009. DEPEND '09. Second International Conference on
  • Conference_Location
    Athens, Glyfada
  • Print_ISBN
    978-0-7695-3666-8
  • Type

    conf

  • DOI
    10.1109/DEPEND.2009.15
  • Filename
    5211085