“SieveQ: A Layered BFT Protection System for Critical Services”
IEEE Transactions on Dependable and Secure Computing, vol. 15, no. 3, pp. 511–525, Jun. 2018. Accepted for publication.
Abstract: Firewalls play a crucial role in assuring the security of today’s critical infrastructures, forming a first line of defense by being placed strategically at the front-end of the networks. Sometimes, however, they have exploitable weaknesses, allowing an adversary to bypass them in different ways. Therefore, their design should include improved resilience capabilities to allow them to operate correctly in highly adverse environments. This paper proposes SieveQ, a message queue service that protects and regulates the access to critical systems, in a way similar to an application-level firewall. SieveQ achieves fault and intrusion tolerance by employing an architecture based on two filtering layers, enabling efficient removal of invalid messages at early stages and decreasing the costs associated with Byzantine Fault-Tolerant (BFT) replication of previous solutions. Our experimental evaluation shows that SieveQ improves existing replicated-firewalls resilience in the presence of corrupted messages by faulty nodes. Furthermore, it accommodates high loads, as it is able to handle sixteen times more security events per second than what was processed by the SIEM employed in the 2012 Summer Olympic Games.
Research line(s): Fault and Intrusion Tolerance in Open Distributed Systems (FIT)