Assessing the Attack Resilience Capabilities of a Fortified Primary Backup System

  1. Lookup NU author(s)
  2. Dr Dylan Clarke
  3. Dr Paul Ezhilchelvan
Author(s)Clarke D, Ezhilchelvan P
Publication type Conference Proceedings (inc. Abstract)
Conference Name4th DSN Workshop on Recent Advances in Intrusion-Tolerant Systems (WRAITS)
Conference LocationChicago, Illinois, USA
Year of Conference2010
Source Publication Date28 June 2010
Full text is available for this publication:
Primary-Backup service replication does not constrain that theservice be built as a deterministic state machine. It is meant totolerate crashes, not intrusions. We consider an approach, calledFORTRESS, for adding intrusion-resilience capability to aprimary-backup server system. It involves using proxies that blockclients from directly accessing servers, and periodicallyrandomizing the executables of proxies and servers. We argue thatproxies and proactive randomization can offer sound defense againstattacks including de-randomization attacks. Using simulations, wethen compare the attack resilience that FORTRESS adds to aprimary-backup server system with that attainable through statemachine replication (SMR) that is fit only for deterministicservices. A significant observation is that FORTRESS emerges to bemore resilient than an SMR system of four server replicas that arediversely randomized at the start and are subject to proactiverecovery throughout.