The design of adaptive intrusion tolerance system based on virtualization = 가상화 기반의 능동형 침입감내시스템 설계

Cited 0 time in webofscience Cited 0 time in scopus
  • Hit : 401
  • Download : 0
Recently the building of strong intrusion tolerance systems is in great demand since the openness and the distributed nature of information systems are easily used to compromise the systems by intentional attacks. To achieve intrusion tolerance by enabling the systems survive various types of intrusions, we suggest a novel approach, Adaptive Cluster Transformation (ACT) and several advanced schemes, in this paper. Instead of using a fixed cluster size as in conventional approaches, ACT adapts a variable cluster size depending on the system status. This is proved to maintain good quality of service (QoS). In addition, the early prediction of incoming massive packets makes ACT possible to replace any damaged clusters with new ones consisting of pristine virtual machines (VMs). This also contributes to defend the system against a Denial of Service (DoS). Two schemes are suggested in order to complement ACT:vulnerability-based VM selection and fast transformation based on historical data. In case current cluster should be expanded, new VMs are chosen based on each VM`s vulnerability. It is verified that this process helps to reduce the data leakage of whole system through adjusting the frequency of exposure according to vulnerability. Also, if enough historical data is secured, much more fast transformation than the case of using only ACT is possible. This is because next incoming packet rate is expected through historical data map generated through enough learning process. The performance of ACT is compared with other fixed size of VM cluster architectures by CSIM 20. And it is verified that the proposed method is more effective in maintaining the specific level of QoS as well as providing strong security to targeted system. Furthermore, as the number of exposure increases, the rate of information leakage with vulnerability-based VM selection is drastically decreased.
Advisors
Yoon, Hyun-Sooresearcher윤현수
Description
한국과학기술원 : 전산학과,
Publisher
한국과학기술원
Issue Date
2014
Identifier
591850/325007  / 020115251
Language
eng
Description

학위논문(박사) - 한국과학기술원 : 전산학과, 2014.8, [ v, 67 p. ]

Keywords

adaptive intrusion tolerance systems; 히스토리 데이터; 취약성 기반 가상 머신 선정; 클러스터 변환; 서비스 거부공격; 능동형 침입감내시스템; Denial of Service (DoS); cluster transformation; vulerability-based VM selection; historical data

URI
http://hdl.handle.net/10203/197837
Link
http://library.kaist.ac.kr/search/detail/view.do?bibCtrlNo=591850&flag=dissertation
Appears in Collection
CS-Theses_Ph.D.(박사논문)
Files in This Item
There are no files associated with this item.

qr_code

  • mendeley

    citeulike


rss_1.0 rss_2.0 atom_1.0