Sciweavers

CN
2007

Automated adaptive intrusion containment in systems of interacting services

14 years 13 days ago
Automated adaptive intrusion containment in systems of interacting services
Large scale distributed systems typically have interactions among different services that create an avenue for propagation of a failure from one service to another. The failures being considered may be the result of natural failures or malicious activity, collectively called disruptions. To make these systems tolerant to failures it is necessary to contain the spread of the occurrence automatically once it is detected. The objective is to allow certain parts of the system to continue to provide partial functionality in the system in the face of failures. Real world situations impose several constraints on the design of such a disruption tolerant system of which we consider the following – the alarms may have type I or type II errors; it may not be possible to change the service itself even though the interaction may be changed; attacks may use steps that are not anticipated a priori; and there may be bursts of concurrent alarms. We present the design and implementation of a system ...
Yu-Sung Wu, Bingrui Foo, Yu-Chun Mao, Saurabh Bagc
Added 12 Dec 2010
Updated 12 Dec 2010
Type Journal
Year 2007
Where CN
Authors Yu-Sung Wu, Bingrui Foo, Yu-Chun Mao, Saurabh Bagchi, Eugene H. Spafford
Comments (0)