Intrusion Tolerant System Architecture

Intrusion Tolerant System Architecture

Byoung Joon Min : Department of Computer Engineering, University of Incheon, Incheon 402-749, Korea. (TEL) +82-32-770-8497 (FAX) +82-32-766-6894 (E-Mail) bjmin@incheon.ac.kr

Sung Won Sohn : Information Security Research Division, Electronics and Telecommunications Research Institute, Daejeon 305-350, Korea. (TEL) +82-42-860-1900, (FAX) +82-42-860-5611, (E-Mail) swsohn@etri.re.kr

Abstract

In many mission-critical applications, important services should be maintained properly under any circumstances including the presence of compromised components caused by intentional attacks. An architecture adopting diverse redundant computing nodes with cooperative security management is proposed. At intra-node level, by means of dynamic resource reallocation within a computing node, the critical services previously selected are to survive even after the occurrence of an attack. If it becomes impossible to find enough resources for the services within the node in spite of the adaptive actions taken, it moves to inter-node level. The inter-node level mechanism is to deliver the intended services transparently to the clients even when a node fails by means of inter-node resource reallocation. An architecture adopting diverse redundant computing nodes is proposed for that purpose. We also propose a cooperative management method to increase the service survivability in a large-scale networked information system. The system is composed of multiple domains and there exists a domain manager in each domain, which is responsible to monitor network traffics and control resource usage in the domain. Though the experiment on a test-bed, the proposed architecture was verified to be able to maintain high survivability in a cost-effect manner even when DDoS(Distributed Denial of Service) attacks exist.

Short Biography

Byoung Joon Min : He received the PhD degree in Electrical and Computer Engineering from the University of California, Irvine in 1991. He is currently a professor at the University of Incheon, Korea. Before joining the university in 1995, he was a research staff at Samsung Electronics and at Korea Telecom. His research interests include dependable distributed systems, network management, and Security.

Sung Won Sohn : Dr. Sohn is a vice president of Electronics and Telecommunications and Research Institute. He is in charge of Information Security Research Division.