On the design of an global intrusion tolerance network architecture against the internet catastrophes

Wen Chen Sun, Yi Ming Chen

Research output: Contribution to journalArticlepeer-review

Abstract

Today's security communities face a daunting challenges - how to protect the Internet from new, unknown zero day worms. Due to their innovation, these worms are hard to be stopped by traditional security mechanisms. Therefore, instead of trying to prevent the intrusion of every such a thread, this paper proposes a new system architecture, named Virtual Machine based Intrusion Tolerance Network (VMITN), which will tolerate the new worm attack until administrators remove the vulnerability leveraged by the worm. The VMITN adopts a rough-set based recognition mechanism to detect zero day worms and a virtual machine based overlay network to mitigate attacks. We have implemented a concept proof prototype system and use NS-2 simulations to study the performance of the VMITN in a large scale network. The behavior of the famous Witty worm is simulated within the NS-2 module and the simulations result showed that our VMITN architecture can provide the reliability and survivability under severe worm attacks.

Original languageEnglish
Pages (from-to)1313-1325
Number of pages13
JournalJournal of Systems and Software
Volume82
Issue number8
DOIs
StatePublished - Aug 2009

Keywords

  • Fatal attack
  • Intrusion tolerance
  • Survivability
  • Virtual machine
  • Worm

Fingerprint

Dive into the research topics of 'On the design of an global intrusion tolerance network architecture against the internet catastrophes'. Together they form a unique fingerprint.

Cite this