1 / 5

Intrusion Tolerance by Unpredictable Adaptation Integration Ideas

Intrusion Tolerance by Unpredictable Adaptation Integration Ideas. William H. Sanders Michel Cukier James Lyons Prashant Pandey Hari Ramasamy. Jeanna Gossett. Partha Pal Ron Watro Franklin Webber. Not for public release. Observations. What kind of integration: over lifecycle?

jess
Download Presentation

Intrusion Tolerance by Unpredictable Adaptation Integration Ideas

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Intrusion Tolerance by Unpredictable Adaptation Integration Ideas William H. Sanders Michel Cukier James Lyons Prashant Pandey Hari Ramasamy Jeanna Gossett Partha Pal Ron Watro Franklin Webber Not for public release

  2. Observations • What kind of integration: • over lifecycle? • i.e. a framework that will integrate intrusion-tolerant solutions that cover systems from development to operational? • over functionality? • The integrated system should have aspects of storage, database transaction, networked interaction, general purpose applications etc? • over mechanisms covering different attacks and vulnerabilities? • over mechanisms of different themes? • What we have now: • mostly individual intrusion-tolerant solutions with different themes: • different applicability

  3. Themes Observed • Redundancy • new communication protocols • distribution of management • Adaptation • Awareness • manage lack of accuracy in IDS • Effects of intrusion on resource availability • Application’s survival • (as opposed to infrastructure) • Autonomic, rapid reaction • Use of deception tactics • dynamism, unpredictability, obfuscation etc

  4. What we need next • An integration context • to tie in different mechanisms • An architecture? A real system? • will depend on the kind of integration we are looking at • Rationale behind the proposed integration • Validation • Integration itself is a big challenge • start small? • incremental?

  5. Hard Problems • Interoperability and Composability • What interfaces need to be defined in order to provide interoperability? • Do different techniques have conflicting assumptions or goals? • Is the whole greater than the sum of the parts? • Can a specific mechanism, developed in a limited context, can be applied in a larger context with multiple mechanisms? • Validation • Techniques presented applicable to small systems, or small parts of large systems. How can we scale these to large-scale, integrated, systems? • Validation of parts DOES NOT imply validation of the combined parts. Can we develop methodologies that permit the composition in a way that preserves validation results? • Can we quantify the likelihood of the assumptions that are made are true? How can this quantification be used in an overall validation? • How will attackers be modeled?

More Related