New intrusion tolerance software fortifies server security

June 16, 2008

In spite of increased focus and large investments in computer security, critical infrastructure systems remain vulnerable to attacks, says Arun Sood, professor of computer science at George Mason University. The increasing sophistication and incessant morphing of cyber-attacks lend importance to the concept of intrusion tolerance: a system must fend off, or at least limit, the damage caused by unknown and/or undetected attacks.

"The problem is that no matter how much investment is made in intrusion prevention and detection, intruders will still manage to break through and trespass on computer servers," says Sood. "By looking at this problem from a different angle, we developed a way to contain the losses that may occur because of an intrusion."

Sood, who is the director of the Laboratory of Interdisciplinary Computer Science at Mason, along with Yin Huang, senior research scientist in the Center for Secure Information Systems at Mason, created the Self Cleansing Intrusion Tolerance (SCIT) technology to provide an additional layer of defense to security architecture with firewalls and intrusion prevention and detection systems. While typical approaches to computer security are reactive and require prior knowledge of all attack modalities and software vulnerabilities, intrusion tolerance is a proactive approach to security.

In the SCIT approach, a server that has been online is assumed to have been compromised. SCIT servers are focused on limiting the losses that can occur because of an external intrusion, and achieve this goal by limiting the exposure time of the server to the Internet. Exposure time is defined as the duration of time that a server is continuously connected to the Internet. Through the use of virtualization technology, duplicate servers are created and an online server is periodically cleansed and restored to a known clean state, regardless of whether an intrusion has been detected. These regular cleansings take place in sub-minute intervals.

"This approach of regular cleansings, when coupled with existing intrusion prevention and detection systems, leads to increased overall security," says Sood. "We know that intrusion detection systems can detect sudden increases in data throughput from a server, so to avoid detection, hackers steal data at low rates. SCIT interrupts the flow of data regularly and automatically, and the data ex-filtration process is interrupted every cleansing cycle. Thus, SCIT, in partnership with intrusion detection systems, limits the volume of data that can be stolen."

By reducing exposure time, SCIT provides an additional level of protection while efforts are ongoing to find and fix vulnerabilities and correct configuration errors.
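The rotation described above can be sketched as a small simulation; this is an added example, not SCIT code or anything published by the researchers. It rotates a pool of virtual servers on a fixed exposure window and compares the data an intruder can leak against a server that is never cleansed. The attacker model (a fixed re-entry time `foothold_s` and a fixed low leak rate `leak_rate`), the pool sizes and all timings are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class VM:
    state: str = "clean"   # clean | online | cleansing
    timer: int = 0         # seconds spent in the current state

def simulate(duration_s, exposure_s, cleanse_s, pool_size, foothold_s, leak_rate):
    """Run the rotation second by second.

    Assumed attacker model (not from the article): after every rotation the
    intruder needs foothold_s seconds to get back in, then leaks leak_rate
    bytes per second, a rate taken to be below the IDS alert threshold.
    Returns (max_exposure_s, leaked_bytes, downtime_s).
    """
    pool = [VM() for _ in range(pool_size)]
    online, foothold = None, 0
    max_exposure = leaked = downtime = 0
    for _ in range(duration_s):
        for vm in pool:                       # progress restores to the clean image
            if vm.state == "cleansing":
                vm.timer += 1
                if vm.timer >= cleanse_s:
                    vm.state, vm.timer = "clean", 0
        # Rotate on the clock alone; no detection signal is consulted.
        if online is not None and online.timer >= exposure_s:
            online.state, online.timer = "cleansing", 0
            online, foothold = None, 0        # cleansing discards the intruder's state
        if online is None:
            online = next((vm for vm in pool if vm.state == "clean"), None)
            if online is None:                # pool too small: nothing clean to swap in
                downtime += 1
                continue
            online.state, online.timer = "online", 0
        online.timer += 1
        max_exposure = max(max_exposure, online.timer)
        if foothold >= foothold_s:
            leaked += leak_rate
        else:
            foothold += 1
    return max_exposure, leaked, downtime

if __name__ == "__main__":
    # Constructed parameters: 10-minute run, 20 s to regain access, 1000 B/s leak.
    print("static  :", simulate(600, 600, 45, 1, 20, 1000))
    print("rotating:", simulate(600, 30, 45, 3, 20, 1000))
    print("too few :", simulate(600, 30, 45, 2, 20, 1000))
```

In this model the leak per window is bounded by (exposure time minus re-entry time) times the leak rate, and the pool must be large enough to cover the cleansing time or the service has gaps.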

Source: George Mason University


superhuman
Jun 17, 2008

How are legitimate users supposed to do anything on a server that resets every minute?

ITGal
Jun 17, 2008

The SCIT software uses virtualization technology so that the user never notices a disruption in service; only the person hacking the server gets cut off.