“On the Reliability and Availability of Systems Tolerant to Stealth Intrusion”

From Navigators

in Proceedings of the 5th Latin-American Symposium on Dependable Computing - LADC'11. São José dos Campos, Brazil. April 2011., Apr. 2011.

Abstract: This paper considers the estimation of reliability and availability of intrusion-tolerant systems subject to non-detectable intrusions. Our motivation comes from the observation that typical intrusion tolerance techniques may in certain circumstances worsen the non-functional properties they were meant to improve, such as dependability. We start by modeling attacks as adversarial efforts capable of affecting the intrusion rate probability of components of the system. Then, we analyze several configurations of intrusion-tolerant replication and proactive rejuvenation, to find which ones lead to security enhancements. We consider different attack and rejuvenation models and take into account the mission time of the overall system and the expected time to intrusion of its components. In doing so, we identify thresholds that distinguish between improvement and degradation. We compare the effects of replication and rejuvenation and highlight their complementarity, showing improvements of resilience not attainable with any of the techniques alone, but possible only as a synergy of their combination. We advocate the need for thorougher system models, by showing fundamental vulnerabilities arising from incomplete specifications.