Intrusion Tolerance (2014 Year in Review)

 

 
SoS Logo

Intrusion Tolerance (2014)

This bibliography is a 2014 year in review collection. Intrusion tolerance refers to a fault-tolerant design approach to defending communications, computer and other information systems against malicious attack. Rather than detecting all anomalies, tolerant systems only identify those intrusions which lead to security failures. This collection cites publications of interest addressing new methods of building secure fault tolerant systems.

Wei Min; Keecheon Kim, "Intrusion Tolerance Mechanisms Using Redundant Nodes for Wireless Sensor Networks," Information Networking (ICOIN), 2014 International Conference on, pp. 131, 135, 10-12 February 2014. doi: 10.1109/ICOIN.2014.6799679 Wireless sensor networks extend people's ability to explore, monitor, and control the physical world. Wireless sensor networks are susceptible to certain types of attacks because they are deployed in open and unprotected environments. Novel intrusion tolerance architecture is proposed in this paper. An expert intrusion detection analysis system and an all-channel analyzer are introduced. A proposed intrusion tolerance scheme is implemented. Results show that this scheme can detect data traffic and re-route it to a redundant node in the wireless network, prolong the lifetime of the network, and isolate malicious traffic introduced through compromised nodes or illegal intrusions.

Keywords: data communication; telecommunication channels; telecommunication network routing; telecommunication security; telecommunication traffic; wireless sensor networks; all-channel analyzer; data traffic detection; expert intrusion detection analysis system; intrusion tolerance architecture; intrusion tolerance mechanisms; re-route detection; redundant node; redundant nodes; wireless sensor networks; Intrusion detection; Monitoring ;Protocols; Routing; Wireless networks; Wireless sensor networks; Wireless Sensor networks; intrusion tolerance; security (ID#: 15-3645)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6799679&isnumber=6799467

Hemalatha, A.; Venkatesh, R., "Redundancy Management In Heterogeneous Wireless Sensor networks," Communications and Signal Processing (ICCSP), 2014 International Conference on, pp.1849,1853, 3-5 April 2014. doi: 10.1109/ICCSP.2014.6950165 A Wireless sensor network is a special type of Ad Hoc network, composed of a large number of sensor nodes spread over a wide geographical area. Each sensor node has the wireless communication capability and sufficient intelligence for making signal processing and dissemination of data from the collecting center .In this paper deals about redundancy management for improving network efficiency and query reliability in heterogeneous wireless sensor networks. The proposed scheme deals about finding a reliable path by using redundancy management algorithm and detection of unreliable nodes by discarding the path. The redundancy management algorithm finds the reliable path based on redundancy level, average distance between a source node and destination node and analyzes the redundancy level as the path and source redundancy. For finding the path from source CH to processing center we propose intrusion tolerance in the presence of unreliable nodes. Finally we applied our analyzed result to redundancy management algorithm to find the reliable path in which the network efficiency and Query success probability will be improved.

Keywords: ad hoc networks; probability queueing theory; redundancy; signal processing; telecommunication network reliability; wireless sensor networks; ad hoc network; destination node; geographical area; heterogeneous wireless sensor networks; intrusion tolerance; network efficiency; query reliability; query success probability; redundancy management algorithm; signal dissemination; signal processing; source node; unreliable nodes detection; Ad hoc networks; Indexes; Quality of service; Redundancy; Tin; Wireless sensor networks; intrusion tolerance; multipath routing; reliability; wireless sensor network (ID#: 15-3646)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950165&isnumber=6949766

Ing-Ray Chen; Jia Guo, "Dynamic Hierarchical Trust Management of Mobile Groups and Its Application to Misbehaving Node Detection," Advanced Information Networking and Applications (AINA), 2014 IEEE 28th International Conference on, pp. 49, 56, 13-16 May 2014. doi: 10.1109/AINA.2014.13 In military operation or emergency response situations, very frequently a commander will need to assemble and dynamically manage Community of Interest (COI) mobile groups to achieve a critical mission assigned despite failure, disconnection or compromise of COI members. We combine the designs of COI hierarchical management for scalability and reconfigurability with COI dynamic trust management for survivability and intrusion tolerance to compose a scalable, reconfigurable, and survivable COI management protocol for managing COI mission-oriented mobile groups in heterogeneous mobile environments. A COI mobile group in this environment would consist of heterogeneous mobile entities such as communication-device-carried personnel/robots and aerial or ground vehicles operated by humans exhibiting not only quality of service (QoS) characters, e.g., competence and cooperativeness, but also social behaviors, e.g., connectivity, intimacy and honesty. A COI commander or a subtask leader must measure trust with both social and QoS cognition depending on mission task characteristics and/or trustee properties to ensure successful mission execution. In this paper, we present a dynamic hierarchical trust management protocol that can learn from past experiences and adapt to changing environment conditions, e.g., increasing misbehaving node population, evolving hostility and node density, etc. to enhance agility and maximize application performance. With trust-based misbehaving node detection as an application, we demonstrate how our proposed COI trust management protocol is resilient to node failure, disconnection and capture events, and can help maximize application performance in terms of minimizing false negatives and positives in the presence of mobile nodes exhibiting vastly distinct QoS and social behaviors.

Keywords: emergency services; military communication; mobile computing; protocols; quality of service; telecommunication security; trusted computing; COI dynamic hierarchical trust management protocol; COI mission-oriented mobile group management; aerial vehicles; agility enhancement; application performance maximization; communication-device-carried personnel; community-of-interest mobile groups; competence; connectivity; cooperativeness; emergency response situations; ground vehicles; heterogeneous mobile entities; heterogeneous mobile environments; honesty; intimacy ;intrusion tolerance; military operation; misbehaving node population; node density; quality-of-service characters; robots; social behaviors; survivable COI management protocol; trust measurement; trust-based misbehaving node detection; Equations; Mathematical model; Mobile communication; Mobile computing; Peer-to-peer computing; Protocols; Quality of service; Trust management; adaptability; community of interest; intrusion detection; performance analysis; scalability (ID#: 15-3647)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6838647&isnumber=6838626

Myalapalli, V.K.; Chakravarthy, A.S.N., "A Unified Model For Cherishing Privacy In Database System An Approach To Overhaul Vulnerabilities," Networks & Soft Computing (ICNSC), 2014 First International Conference on, pp.263,266, 19-20 Aug. 2014. doi: 10.1109/CNSC.2014.6906658 Privacy is the most anticipated aspect in many perspectives especially with sensitive data and the database is being targeted incessantly for vulnerability. The database must be persistently monitored for ensuring comprehensive security. The proposed model is intended to cherish the database privacy by thwarting intrusions and inferences. The Database Static protection and Intrusion Tolerance Subsystem proposed in the architecture bolster this practice. This paper enunciates Privacy Cherished Database architecture model and how it achieves security under sundry circumstances.

Keywords: data privacy; database management systems; security of data; database static protection; database system privacy; inference thwarting; intrusion thwarting; intrusion tolerance subsystem; privacy cherished database architecture model; security; Decision support systems; Handheld computers; Database Security; Database Security Configurations; Inference Detection; Intrusion detection; security policy (ID#: 15-3648)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6906658&isnumber=6906636

Wenbing Zhao, "Application-Aware Byzantine Fault Tolerance," Dependable, Autonomic and Secure Computing (DASC), 2014 IEEE 12th International Conference on, pp.45,50, 24-27 Aug. 2014 doi: 10.1109/DASC.2014.17 Byzantine fault tolerance has been intensively studied over the past decade as a way to enhance the intrusion resilience of computer systems. However, state-machine-based Byzantine fault tolerance algorithms require deterministic application processing and sequential execution of totally ordered requests. One way of increasing the practicality of Byzantine fault tolerance is to exploit the application semantics, which we refer to as application-aware Byzantine fault tolerance. Application-aware Byzantine fault tolerance makes it possible to facilitate concurrent processing of requests, to minimize the use of Byzantine agreement, and to identify and control replica nondeterminism. In this paper, we provide an overview of recent works on application-aware Byzantine fault tolerance techniques. We elaborate the need for exploiting application semantics for Byzantine fault tolerance and the benefits of doing so, provide a classification of various approaches to application-aware Byzantine fault tolerance, and outline the mechanisms used in achieving application-aware Byzantine fault tolerance according to our classification.

Keywords: client-server systems; concurrency control; finite state machines; security of data; software fault tolerance; Byzantine agreement; application semantics; application-aware Byzantine fault tolerance; computer system intrusion resilience enhancement; deterministic application processing; replica nondeterminism; request concurrent processing; sequential execution; state-machine-based Byzantine fault tolerance algorithm; totally ordered request; Algorithm design and analysis; Fault tolerance; Fault tolerant systems; Message systems; Semantics; Servers; System recovery; Application Nondeterminism; Application Semantics; Application-Aware Byzantine Fault Tolerance; Deferred Byzantine Agreement; Dependability; Intrusion Resilience (ID#: 15-3649)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6945302&isnumber=6945641

Fonseca, J.; Seixas, N.; Vieira, M.; Madeira, H., "Analysis of Field Data on Web Security Vulnerabilities," Dependable and Secure Computing, IEEE Transactions on, vol.11, no.2, pp.89, 100, March-April 2014 doi: 10.1109/TDSC.2013.37 Most web applications have critical bugs (faults) affecting their security, which makes them vulnerable to attacks by hackers and organized crime. To prevent these security problems from occurring it is of utmost importance to understand the typical software faults. This paper contributes to this body of knowledge by presenting a field study on two of the most widely spread and critical web application vulnerabilities: SQL Injection and XSS. It analyzes the source code of security patches of widely used Web applications written in weak and strong typed languages. Results show that only a small subset of software fault types, affecting a restricted collection of statements, is related to security. To understand how these vulnerabilities are really exploited by hackers, this paper also presents an analysis of the source code of the scripts used to attack them. The outcomes of this study can be used to train software developers and code inspectors in the detection of such faults and are also the foundation for the research of realistic vulnerability and attack injectors that can be used to assess security mechanisms, such as intrusion detection systems, vulnerability scanners, and static code analyzers.

Keywords: Internet; SQL; security of data; software fault tolerance; source code (software); SQL injection; Web application vulnerabilities; Web security vulnerabilities; XSS; attack injectors; code inspectors; field data analysis; intrusion detection systems; realistic vulnerability; security mechanisms; security patches; software faults; source code; static code analyzers; vulnerability scanners; Awards activities; Blogs; Internet; Java; Security; Software; Internet applications; Security; languages; review and evaluation (ID#: 15-3650)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6589556&isnumber=6785951

Hua Chai; Wenbing Zhao, "Towards Trustworthy Complex Event Processing," Software Engineering and Service Science (ICSESS), 2014 5th IEEE International Conference on, pp.758,761, 27-29 June 2014. doi: 10.1109/ICSESS.2014.6933677 Complex event processing has become an important technology for big data and intelligent computing because it facilitates the creation of actionable, situational knowledge from potentially large amount events in soft realtime. Complex event processing can be instrumental for many mission-critical applications, such as business intelligence, algorithmic stock trading, and intrusion detection. Hence, the servers that carry out complex event processing must be made trustworthy. In this paper, we present a threat analysis on complex event processing systems and describe a set of mechanisms that can be used to control various threats. By exploiting the application semantics for typical event processing operations, we are able to design lightweight mechanisms that incur minimum runtime overhead appropriate for soft realtime computing.

Keywords: Big Data; trusted computing; Big Data; actionable situational knowledge; algorithmic stock trading; application semantics; business intelligence; complex event processing; event processing operations ;intelligent computing; intrusion detection; minimum runtime overhead; mission-critical applications; servers; soft realtime computing; threat analysis; trustworthy; Business; Context; Fault tolerance; Fault tolerant systems; Runtime; Servers; Synchronization; Big Data; Business Intelligence; Byzantine Fault Tolerance; Complex Event Processing; Dependable Computing; Trust (ID#: 15-3652)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6933677&isnumber=6933501

Fonseca, J.; Vieira, M.; Madeira, H., "Evaluation of Web Security Mechanisms Using Vulnerability & Attack Injection," Dependable and Secure Computing, IEEE Transactions on, vol. 11, no.5, pp.440, 453, Sept.-Oct. 2014. doi: 10.1109/TDSC.2013.45 In this paper we propose a methodology and a prototype tool to evaluate web application security mechanisms. The methodology is based on the idea that injecting realistic vulnerabilities in a web application and attacking them automatically can be used to support the assessment of existing security mechanisms and tools in custom setup scenarios. To provide true to life results, the proposed vulnerability and attack injection methodology relies on the study of a large number of vulnerabilities in real web applications. In addition to the generic methodology, the paper describes the implementation of the Vulnerability & Attack Injector Tool (VAIT) that allows the automation of the entire process. We used this tool to run a set of experiments that demonstrate the feasibility and the effectiveness of the proposed methodology. The experiments include the evaluation of coverage and false positives of an intrusion detection system for SQL Injection attacks and the assessment of the effectiveness of two top commercial web application vulnerability scanners. Results show that the injection of vulnerabilities and attacks is indeed an effective way to evaluate security mechanisms and to point out not only their weaknesses but also ways for their improvement.

Keywords: Internet; SQL; fault diagnosis; security of data; software fault tolerance; SQL Injection attacks; VAIT; Web application security mechanism evaluation; attack injection methodology; fault injection; intrusion detection system; vulnerability injection methodology; vulnerability-&-attack injector tool; Databases; Educational institutions; Input variables; Probes; Security; Software; TV; Security; fault injection; internet applications; review and evaluation (ID#: 15-3653)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6629992&isnumber=6893064

Kirsch, J.; Goose, S.; Amir, Y.; Dong Wei; Skare, P., "Survivable SCADA Via Intrusion-Tolerant Replication," Smart Grid, IEEE Transactions on vol. 5, no. 1, pp. 60, 70, Jan. 2014. doi: 10.1109/TSG.2013.2269541 Providers of critical infrastructure services strive to maintain the high availability of their SCADA systems. This paper reports on our experience designing, architecting, and evaluating the first survivable SCADA system-one that is able to ensure correct behavior with minimal performance degradation even during cyber attacks that compromise part of the system. We describe the challenges we faced when integrating modern intrusion-tolerant protocols with a conventional SCADA architecture and present the techniques we developed to overcome these challenges. The results illustrate that our survivable SCADA system not only functions correctly in the face of a cyber attack, but that it also processes in excess of 20 000 messages per second with a latency of less than 30 ms, making it suitable for even large-scale deployments managing thousands of remote terminal units.

Keywords: SCADA systems; fault tolerance; production engineering computing; security of data; SCADA architecture; cyberattacks; intrusion-tolerant protocols; intrusion-tolerant replication; performance degradation; survivable SCADA system; Clocks; Libraries; Monitoring; Protocols; SCADA systems; Servers; Synchronization; Cyberattack; SCADA systems; fault tolerance; reliability; resilience; survivability (ID#: 15-3654)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6576306&isnumber=6693741

Di Benedetto, M.D.; D'Innocenzo, A.; Smarra, F., "Fault-tolerant Control Of A Wireless HVAC Control System," Communications, Control and Signal Processing (ISCCSP), 2014 6th International Symposium on, pp.235,238, 21-23 May 2014. doi: 10.1109/ISCCSP.2014.6877858 In this paper we address the problem of designing a fault tolerant control scheme for an HVAC control system where sensing and actuation data are exchanged with a centralized controller via a wireless sensors and actuators network where the communication nodes are subject to permanent failures and malicious intrusions.

Keywords: HVAC; actuators; building management systems; failure analysis; fault tolerant control; wireless sensor networks; actuators network; centralized controller; communication nodes; fault tolerant control scheme; fault-tolerant control; malicious intrusions; permanent failures; sensing and actuation data; wireless HVAC control system; wireless sensors; Atmospheric modeling; Control systems; Fault tolerance; Fault tolerant systems; Sensors; Wireless communication; Wireless sensor networks; Building automation; fault detection; wireless sensor networks (ID#: 15-3655)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6877858&isnumber=6877795

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.