Malicious- and Accidental-Fault Tolerance for Internet Applications

IST Research Project IST- 1 January 2000 - 28 February 2003
WP1 concentrated on the Conceptual Model and Architecture of attack tolerance.

WP2 developed a modular and scalable cryptographic group-oriented middleware suite.

WP3 investigated ways of reducing the high rate of false positives and false negatives for existing Intrusion Detection Systems (IDSs), whilst making the IDS itself intrusion-tolerant.

WP4 designed a generic architecture for dependable Trusted Third Party (TTP) services based on results from WP2.

In WP5, we defined a framework for access control and authorisation.

WP6 worked towards formalisation of the MAFTIA conceptual model.
Intrusion Detection

Intrusion Detection Systems (IDSs) can be seen as necessary building blocks that should help in tolerating attacks. An IDS is expected to raise an alarm when an attack occurs. Unfortunately, existing solutions can fail to deliver that service in two different ways:
Thus, we studied and evaluated how notions such as fault injection, diversity and distributed reasoning could be used to address the weaknesses of existing IDS solutions. In particular, we assessed the various ways of combining the output of those IDSs to reduce the global rate of false positive and false negative alarms. This implies implementing some error-compensation technique to build a fault-tolerant system of IDSs.

A study of existing IDS techniques showed that, in order to detect the introduction or activation of as many intentional faults as possible, i.e., to maximise the fault coverage, one has to combine several techniques. Each technique is bound, by design, to generate false positive and false negative alarms in some circumstances. We developed this work to characterise the failure modes of the various families of ID techniques, and defined a taxonomy of vulnerabilities to specify the fault assumptions that we wanted to deal with. We then used these two results to show how to maximise the fault coverage provided by a system of IDSs and to implement error-compensation mechanisms using correlations between the information coming from the various sources. Finally, we explored ways in which the MAFTIA middleware could be used to build a more intrusion-tolerant IDS.