Defensive execution of transactional processes against attacks

Author

Yu, Meng ; Zang, Wanyu ; Liu, Peng

Author_Institution

Dept. of Comput. Sci., Monmouth Univ.

fYear

2005

fDate

5-9 Dec. 2005

Lastpage

526

Abstract

It is a well known problem that the attack recovery of a self-healing system rolls back not only malicious transactions, but also legitimate transactions that are dependent on the malicious transactions. Rolling back and re-executing damaged transactions increase the response time of the system and may cause a significant processing delay. In such situations, the availability of the system is compromised and the system suffers the vulnerability of denial of service (DoS). In this paper, we propose a defensive executing technique and analyze its effectiveness. Our technique concurrently executes multiple paths of a transactional processes based on the prediction generated by a discrete time Markov chain. The defensive execution can reduce the delay caused by recovery. We also propose a branch cutting technique to reduce the extra cost introduced by defensive execution. Our analytical results show that our technique is practical against transactional level attacks

Keywords

Markov processes; discrete time systems; system recovery; telecommunication security; transaction processing; attack recovery; branch cutting; defensive execution; denial of service; discrete time Markov chain; malicious transaction; self-healing system; transactional level attack; transactional process; Application software; Availability; Computer crime; Computer science; Computer security; Costs; Database systems; Delay effects; Transaction databases;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 21st Annual

Conference_Location

Tucson, AZ

ISSN

1063-9527

Print_ISBN

0-7695-2461-3

Type

conf

DOI

10.1109/CSAC.2005.18

Filename

1565278