Intrusion tolerance

Intrusion tolerance is a fault-tolerant design approach to defending information systems against malicious attack. Abandoning the conventional aim of preventing all intrusions, intrusion tolerance instead calls for triggering mechanisms that prevent intrusions from leading to a system security failure. Intrusion response is a key component of intrusion tolerance, in which an automated response is launched to a detected intrusion. Surveys of intrusion tolerance and intrusion response techniques can be found at the following links ^[1] and.^[2] The survey categorizes the response systems as either static or dynamic (or adaptive). Static systems are simple in nature and have a static mapping from the symptom of an intrusion to the response that should be taken. For example, when a packet with a malware sample is intercepted, blacklist the IP address from which the packet was sent. Dynamic systems are more complex and learn from the context and there is no fixed mapping from symptom to response action. For example, the initial response to the malware-laden packet may be to slow down further connection attempts and after some time blacklist the IP address and then blacklist the subnet that the IP address belongs to.

Projects in the intrusion tolerance area include the MAFTIA project (Malicious- and Accidental-Fault Tolerance for Internet Applications), which developed concepts and prototyped architectures. In the US, DARPA had a successful program in 2001-04 timeframe called OASIS^[3] which developed ways to enable critical computers to operate through a cyber attack, degrade gracefully if necessary, and allow real-time, controlled trade-offs between system performance and system security through such techniques as redundancy and diversity of operating systems.

See also

• Byzantine fault tolerance

References

External links

• Paulo Veríssimo, "Intrusion Tolerance: Concepts and Design Principles. A Tutorial."