Realizing Cyber Resilience with Hybrid Intrusion Tolerance Architectures

Date

2017

Authors

Nagarajan, Ajay

Abstract

The current approach to security is based on perimeter defense and relies on firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS). These systems require a priori information about attack patterns and system vulnerabilities. With ever-increasing bandwidth and thousands of unique malware signatures coming out every day, it is becoming impractical to prevent every intrusion. Intrusion tolerance therefore assumes that intrusions are inevitable and focuses on minimizing their impact. The variety and complexity of cyber-attacks are increasing. Various industry data breach investigation reports suggest that customized malware is difficult to detect and that data exfiltration often occurs over a period of days, weeks and months. The attackers’ strong motivation leads to organized and targeted cyber-attacks. The current intrusion detection and prevention approaches are reactive in nature and inadequate to prevent all attacks.

Keywords

Computer science, Cyber Resilience, Intrusion tolerance, Proactive Recovery, Risk Mitigation, SCIT, Self-cleansing Intrusion Tolerance
