Realizing Cyber Resilience with Hybrid Intrusion Tolerance Architectures




Nagarajan, Ajay




The current approach to security is based on perimeter defense and relies on firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS). These systems require a priori information about attack patterns and system vulnerabilities. With ever-increasing bandwidth and thousands of unique malware signatures coming out every day, it is becoming impractical to prevent every intrusion. Intrusion tolerance therefore assumes that intrusions are inevitable and focuses on minimizing their impact. The variety and complexity of cyber-attacks are increasing. Various industry data breach investigation reports suggest that customized malware is difficult to detect and that data exfiltration often occurs over a period of days, weeks and months. The attackers’ strong motivation leads to organized and targeted cyber-attacks. The current intrusion detection and prevention approaches are reactive in nature and inadequate to prevent all attacks.



Computer science, Cyber Resilience, Intrusion tolerance, Proactive Recovery, Risk Mitigation, SCIT, Self-cleansing Intrusion Tolerance