Assessing the attack resilience capabilities of a fortified primary-backup system

Author

Clarke, Dylan ; Ezhilchelvan, Paul

Author_Institution

Sch. of Comput. Sci., Newcastle Univ., Newcastle upon Tyne, UK

fYear

2010

fDate

June 28 2010-July 1 2010

Firstpage

182

Lastpage

187

Abstract

Primary-Backup service replication does not constrain that the service be built as a deterministic state machine. It is meant to tolerate crashes, not intrusions. We consider an approach, called FORTRESS, for adding intrusion-resilience capability to a primary-backup server system. It involves using proxies that block clients from directly accessing servers, and periodically randomizing the executables of proxies and servers. We argue that proxies and proactive randomization can offer sound defense against attacks including de-randomization attacks. Using simulations, we then compare the attack resilience that FORTRESS adds to a primary-backup server system with that attainable through state machine replication (SMR) that is fit only for deterministic services. A significant observation is that FORTRESS emerges to be more resilient than an SMR system of four server replicas that are diversely randomized at the start and are subject to proactive recovery throughout.

Keywords

back-up procedures; finite state machines; security of data; SMR; attack resilience capabilities; derandomization attacks; fortified primary backup system; intrusion resilience capability; proactive randomization; state machine replication; tolerate crashes; Analytical models; Availability; Computer crashes; Computer networks; Conferences; Entropy; Middleware; Network servers; Protection; Resilience;

fLanguage

English

Publisher

ieee

Conference_Titel

Dependable Systems and Networks Workshops (DSN-W), 2010 International Conference on

Conference_Location

Chicago, IL

Print_ISBN

978-1-4244-7729-6

Electronic_ISBN

978-1-4244-7728-9

Type

conf

DOI

10.1109/DSNW.2010.5542596

Filename

5542596