A Holistic Approach to Service Survivability

A Holistic Approach to Service Survivability Keromytis Angelos D. author Columbia University. Computer Science Parekh Janak J. author Columbia University. Computer Science Gross Philip N. author Columbia University. Computer Science Kaiser Gail E. author Columbia University. Computer Science Misra Vishal author Columbia University. Computer Science Nieh Jason author Columbia University. Computer Science Rubenstein Daniel Stuart author Columbia University. Computer Science Stolfo Salvatore author Columbia University. Computer Science Columbia University. Computer Science originator text Articles 2003 manuscript version English We present SABER (Survivability Architecture: Block, Evade, React), a proposed survivability architecture that blocks, evades and reacts to a variety of attacks by using several security and survivability mechanisms in an automated and coordinated fashion. Contrary to the ad hoc manner in which contemporary survivable systems are built-using isolated, independent security mechanisms such as firewalls, intrusion detection systems and software sandboxes-SABER integrates several different technologies in an attempt to provide a unified framework for responding to the wide range of attacks malicious insiders and outsiders can launch. This coordinated multi-layer approach will be capable of defending against attacks targeted at various levels of the network stack, such as congestion-based DoS attacks, software-based DoS or code-injection attacks, and others. Our fundamental insight is that while multiple lines of defense are useful, most conventional, uncoordinated approaches fail to exploit the full range of available responses to incidents. By coordinating the response, the ability to survive successful security breaches increases substantially. We discuss the key components of SABER, how they will be integrated together, and how we can leverage on the promising results of the individual components to improve survivability in a variety of coordinated attack scenarios. SABER is currently in the prototyping stages, with several interesting open research topics. Computer science Proceedings of the ACM Workshop on Survivable and Self-Regenerative Systems: in association with 10th ACM Conference on Computer and Communications Security, Fairfax, VA, USA, October 31, 2003 Liu Peng editor Pal Partha editor New York ACM 2003 11 22 10.1145/1036921.1036923 </titleInfo> </relatedItem> </relatedItem> <identifier type="hdl">http://hdl.handle.net/10022/AC:P:13979</identifier> <location> <physicalLocation authority="marcorg">NNC</physicalLocation> </location> <recordInfo> <recordContentSource authority="marcorg">NNC</recordContentSource> <recordCreationDate encoding="w3cdtf">2012-07-11 16:25:42 -0400</recordCreationDate> <recordChangeDate encoding="w3cdtf">2012-07-12 09:48:34 -0400</recordChangeDate> <recordIdentifier>7983</recordIdentifier> <languageOfCataloging> <languageTerm authority="iso639-2b">eng</languageTerm> </languageOfCataloging> </recordInfo> </mods>