• Title/Summary/Keyword: Intrusion Tolerance Technology

Search Result 13, Processing Time 0.019 seconds

Extraction and Specification of Requirements for Intrusion Tolerant Software Modeling (침입감내 소프트웨어 모델링을 위한 요구사항 추출 및 명세)

  • 조은숙;이강신
    • Journal of the Korea Society for Simulation
    • /
    • v.13 no.1
    • /
    • pp.51-63
    • /
    • 2004
  • Current distributed systems are attacked from the outside as well as in which new intrusions are occurred. In particular there is a growing but largely unnoticed intrusion threat due to the emerging middleware technologies such as CORBA, WAP, XML support, and enterprise application integrators. In order to cope with these attacks, intrusion tolerance technology is introduced. Intrusion tolerance technology means that it can provide services normally although attacks are occurred into system. There are intrusion tolerance architectures such as ITUA, HACQIT, SITAR, and so on as a part of DARPA project. In this paper, we analyze and discuss existing intrusion tolerance architectures with respect to intrusion tolerance technology. Also, we extract intrusion tolerant requirements, which are required to develop ,intrusion tolerant system. We propose UML-IT(Intrusion Tolerance) profiles and specify intrusion tolerant software by applying UML-IT profiles.

  • PDF

A Development Technique for Application Software Based on Intrusion Tolerant Requirements (침입감내 요구사항을 수용한 응용 소프트웨어 개발)

  • Kim Chul Jin;Lee Sook Hee;Cho Eun Sook
    • Journal of Korea Multimedia Society
    • /
    • v.8 no.2
    • /
    • pp.233-248
    • /
    • 2005
  • An intrusion tolerant technology has been introduced as a solution to prevent intrusion accident for unknown fragility or attack. However, a systematic modeling technique is not applied into a system design and development based on intrusion tolerant technology. Especially, elements such as availability, integrity, reliability, confidentiality, and so on are important requirements in intrusion tolerant system. Nevertheless, current most of UML-based modeling techniques pass over or don't provide design techniques reflecting those requirements. Therefore, we know these weaknesses and propose both profile and design technique reflecting and applying intrusion tolerant requirements systematically in the development of application software based on intrusion tolerance. We expect that proposed technique can extend not only current UML's limitations but also can improve the quality of application software based on intrusion tolerance.

  • PDF

Design and Implementation of Security System Based on Intrusion Tolerance Technology : Focus on Wargame System (침입감내기술 기반의 보안시스템 설계 및 구현 : 워게임체계를 중심으로)

  • Lee, Gang-Tack;Lee, Dong-Hwi;J. Kim, Kui-Nam
    • Convergence Security Journal
    • /
    • v.5 no.4
    • /
    • pp.41-48
    • /
    • 2005
  • Objective of this study is to design and implement security system based on intrusion tolerance technology for the improvement of dependability in defense system. In order to do so, I identify and extract core technologies through the research and analysis into characteristics, structures, main functions, and technologies of intrusion tolerance architecture. And I accomplish a design of security system through the redundant system based on these core technologies. To implement and verify intrusion tolerance system, I chose 'wargame system' as a subjected system, and accomplished 'Wargame Intrusion Tolerance System' and verified security required functions through a performance test. By applying showed security system into the development of application software based on intrusion tolerance, systematic and efficient system could be developed. Also applying 'WITDS' can solve the current security problems, and this will be basic model for design of security architecture in the federation system after.

  • PDF

A Dependability Analysis of the Group Management Protocol for Intrusion Tolerance of Essential Service (필수 서비스의 침입감내를 위한 그룹관리 프로토콜의 신뢰성 분석)

  • Kim, Hyung-Jong;Lee, Tai-Jin
    • Journal of the Korea Society for Simulation
    • /
    • v.16 no.1
    • /
    • pp.59-68
    • /
    • 2007
  • IT (Intrusion Tolerant) technology is for guaranteeing the availability of service for certain amount time against the attacks which couldn't be prevented by the currently deployed information security countermeasures. IT (Intrusion Tolerant) technology mainly makes use of the replication of service and system fur enhancing availability, and voting scheme and GMP (Croup Management Protocol) are used for the correctness of service. This paper presents a scheme to analyze dependability of IT (Intrusion Tolerant) technology through probabilistic and simulation method. Using suggested analysis scheme, we can analyze the robustness and make a sensible trade-offs in of IT (Intrusion Tolerant) technology.

  • PDF

Analysis of the Dependability of Voting and Group Management In the Intrusion Tolerant Technology (침입감내기술에서의 Voting 및 그룹관리 신뢰성 분석)

  • 이태진;김형종;이강신
    • Proceedings of the Korea Society for Simulation Conference
    • /
    • 2004.05a
    • /
    • pp.1-6
    • /
    • 2004
  • Intrusion tolerant technology is the technology to guarantee the Quality of service for certain amount time from the attacks which cannot be defended by the previous information security technologies. It increases the availability and confidentiality of the system by minimizing the damage from the attacks. And the fundamental components of the intrusion tolerant technology are voting and GMP(Group Management Protocol). In this paper, we present a new scheme to analyze the voting dependability and corrupt member detection dependability, which is very critical in GMP. Based on this scheme, we can make a new security policy and the methodology of analyzing the dependability itself also can be applicable to the other field.

  • PDF

A Vulnerability Analysis of Intrusion Tolerance System using Self-healing Mechanism (자가치유 메커니즘을 활용한 침입감내시스템의 취약성 분석)

  • Park, Bum-Joo;Park, Kie-Jin;Kim, Sung-Soo
    • Journal of KIISE:Computer Systems and Theory
    • /
    • v.32 no.7
    • /
    • pp.333-340
    • /
    • 2005
  • One of the most important core technologies required for the design of the ITS (Intrusion Tolerance System) that performs continuously minimal essential services even when the network-based computer system is partially compromised because of the external or internal intrusions is the quantitative dependability analysis of the ITS. In this paper, we applied self-healing mechanism, the core technology of autonomic computing to secure the protection power of the ITS. We analyzed a state transition diagram of the ITS composed of a Primary server and a backup server utilizing two factors of self-healing mechanism (fault model and system response) and calculated the availability of ITS through simulation experiments and also performed studies on two cases of vulnerability attack.

A Survivability Model of an Intrusion Tolerance System (침입감내시스템의 생존성 모델)

  • Park, Bum-Joo;Park, Kie-Jin;Kim, Sung-Soo
    • The KIPS Transactions:PartA
    • /
    • v.12A no.5 s.95
    • /
    • pp.395-404
    • /
    • 2005
  • There have been large concerns about survivability defined as the capability of a system to perform a mission-critical role, in a timely manner, in the presence of attacks, failures. In particular, One of the most important core technologies required for the design of the ITS(Intrusion Tolerance System) that performs continuously minimal essential services even when the computer system is partially compromised because of intrusions is the survivability one of In included the dependability analysis of a reliability and availability etc. quantitative dependability analysis of the In. In this Paper, we applied self-healing mechanism utilizing two factors of self-healing mechanism (fault model and system response), the core technology of autonomic computing to secure the protection power of the ITS and consisted of a state transition diagram of the ITS composed of a primary server and a backup server. We also defined the survivability, availability, and downtime cost of the ITS, and then performed studies on simulation experiments and two cases of vulnerability attack. Simulation results show that intrusion tolerance capability at the initial state is more important than coping capability at the attack state in terms of the dependability enhancement.

GEP-based Framework for Immune-Inspired Intrusion Detection

  • Tang, Wan;Peng, Limei;Yang, Ximin;Xie, Xia;Cao, Yang
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.4 no.6
    • /
    • pp.1273-1293
    • /
    • 2010
  • Immune-inspired intrusion detection is a promising technology for network security, and well known for its diversity, adaptation, self-tolerance, etc. However, scalability and coverage are two major drawbacks of the immune-inspired intrusion detection systems (IIDSes). In this paper, we propose an IIDS framework, named GEP-IIDS, with improved basic system elements to address these two problems. First, an additional bio-inspired technique, gene expression programming (GEP), is introduced in detector (corresponding to detection rules) representation. In addition, inspired by the avidity model of immunology, new avidity/affinity functions taking the priority of attributes into account are given. Based on the above two improved elements, we also propose a novel immune algorithm that is capable of integrating two bio-inspired mechanisms (i.e., negative selection and positive selection) by using a balance factor. Finally, a pruning algorithm is given to reduce redundant detectors that consume footprint and detection time but do not contribute to improving performance. Our experimental results show the feasibility and effectiveness of our solution to handle the scalability and coverage problems of IIDS.

Performance Evaluation of Snort System

  • Kim, Wan-Kyung;Soh, Woo-Young
    • Journal of the Speleological Society of Korea
    • /
    • no.80
    • /
    • pp.11-19
    • /
    • 2007
  • Most studies in the past in testing and benchmarking on Intrusion Detection System (IDS) were conducted as comparisons, rather than evaluation, on different IDSs. This paper presents the evaluation of the performance of one of the open source IDS, snort, in an inexpensive high availability system configuration. Redundancy and fault tolerance technology are used in deploying such IDS, because of the possible attacks that can make snort exhaust resources, degrade in performance and even crash. Several test data are used in such environment and yielded different results. CPU speed, Disk usage, memory utilization and other resources of the IDS host are also monitored. Test results with the proposed system configuration environment shows much better system availability and reliability, especially on security systems.

A Survey of Intrusion Tolerance System Research Trend (침입감내 시스템 연구 동향 조사)

  • Kwon, Oh-Min;Lim, Jung-Min;Yoon, Hyun-Soo
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2012.06c
    • /
    • pp.242-244
    • /
    • 2012
  • 최근 네트워크와 컴퓨팅 기술의 발전에 힘입어 대규모 시스템에 의해 다양한 서비스가 제공되고 있다. 하지만 이러한 시스템들의 긍정적인 효과에 반하여 악의적인 목적으로 시스템의 취약성을 이용한 보안을 위협하는 많은 공격들이 시도되고 있다. 본 논문에서는 이런 공격들에 대한 효과적인 대응책 중 하나인 침입감내 시스템의 연구 동향을 살펴보고, 그 방향성을 제시한다. 세부적으로는 효과적인 침입감내 시스템 설계를 위한 방법과 그에 관한 연구 실태에 대해서 기술한다.