Lookup NU author(s): Dr Dylan Clarke,
Dr Paul Ezhilchelvan
Primary-Backup service replication does not constrain that theservice be built as a deterministic state machine. It is meant totolerate crashes, not intrusions. We consider an approach, calledFORTRESS, for adding intrusion-resilience capability to aprimary-backup server system. It involves using proxies that blockclients from directly accessing servers, and periodicallyrandomizing the executables of proxies and servers. We argue thatproxies and proactive randomization can offer sound defense againstattacks including de-randomization attacks. Using simulations, wethen compare the attack resilience that FORTRESS adds to aprimary-backup server system with that attainable through statemachine replication (SMR) that is fit only for deterministicservices. A significant observation is that FORTRESS emerges to bemore resilient than an SMR system of four server replicas that arediversely randomized at the start and are subject to proactiverecovery throughout.
Author(s): Clarke D, Ezhilchelvan P
Publication type: Conference Proceedings (inc. Abstract)
Conference Name: 4th DSN Workshop on Recent Advances in Intrusion-Tolerant Systems (WRAITS)
Year of Conference: 2010