Document details

Diversity Management in Intrusion Tolerant Systems

Author(s): Henriques, Miguel Garcia Tavares

Date: 2011

Persistent ID: http://hdl.handle.net/10451/14061

Origin: Repositório da Universidade de Lisboa

Subject(s): Operating Systems; Intrusion Tolerance; Vulnerabilities; Proactive Recovery; Diversity


Description

One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct behavior in the presence of attacks and intrusions. These security gains are directly dependent on the components exhibiting failure diversity. To what extent failure diversity is observed in practical deployment depends on how diverse are the components that constitute the system. In this thesis we present a study with operating systems (OS) vulnerability reports from the NIST National Vulnerability Database. We have analyzed the vulnerabilities of 11 different OS over a period of roughly 15 years, to check how many of these vulnerabilities occur in more than one OS. We found this number to be low for several combinations of OS. Hence, our analysis provides a strong indication that building a system with diverse OS may be a useful technique to improve its intrusion tolerance capabilities. However, even with diversity the attacker eventually will find vulnerabilities in all OS replicas. To mitigate/eliminate this problem we introduce diverse proactive recovery on the replicas. Proactive recovery is a technique that periodically rejuvenates the components of a replicated system. When used in the context of intrusiontolerant systems, in which faulty replicas may be under control of some malicious user, it allows the removal of intrusions from the compromised replicas. We propose that after each recovery a replica starts to run a different software. The selection of the new replica configuration is a non-trivial problem, as we will explain, since we would like to maximize the diversity of the system under the constraint of the available configurations.

Document Type Master thesis
Language English
Contributor(s) Repositório da Universidade de Lisboa
facebook logo  linkedin logo  twitter logo 
mendeley logo

Related documents