(404) Http failure response for https://api.library.tamu.edu/scholars-discovery/individual/n34750SE: 404 Not Found
An intrusion-tolerant and self-recoverable network service system using a security enhanced chip multiprocessor | Conference Paper individual record
abstract

This paper proposes a novel system design using a chip multiprocessor (CMP) to provide intrusion tolerance and self-recovery for server applications. Our platform provides three major advantages over previously proposed approaches, 1) security insulation from remote exploits and attacks; 2) close coupling between processor cores in a CMP to ensure immediate logging, fine-grained inspection and fast recovery; 3) concurrent and fine-grained inspection, logging and recovery techniques that are off of the critical path. We have designed a multi-point defense and recovery system to defeat remote exploits. We used a checkpoint based approach to recover server applications under attack. It takes a snapshot of the application's context and memory state before it handles the next request. If the request turns out to be malicious, the system can discard the malicious request and rollback the application's state to a known good one through checkpointing. We have also designed an rapid recovery system for kernel space rootkit attacks. Our intrusion survivable and self-recovery design provides reliable production services that System Administrators are seeking.

authors
author list (cited authors)
Shi, W., Lee, H., Gu, G., Falk, L., Mudge, T. N., & Ghosh, M.
publication date
2005
keywords
  • Self-healing
  • Buffer Overflow.
  • Costs
  • Self Recovery
  • Humans
  • Server Applications
  • Checkpointing
  • Reliable Production Services
  • Security Of Data
  • Buffer Storage
  • Survivable Service
  • Kernel Space Rootkit Attacks
  • Chip Multi Processor
  • Fault Tolerant Computing
  • Inspection
  • Intrusion-tolerant Computing
  • Operating System Kernels
  • Computer Security
  • Microprocessor Chips
  • Rootkits
  • Rapid Recovery System
  • Intrusion Tolerance
  • Security Enhanced Chip Multiprocessor
  • Virtual Machining
  • Network Service System
  • Distributed Processing
  • Educational Institutions
  • Protection
  • Buffer Overflow
  • Design Engineering
  • Virtual Manufacturing
citation count

3