Int J Performability Eng ›› 2014, Vol. 10 ›› Issue (2): 123-132.doi: 10.23940/ijpe.14.2.p123.mag

• Original articles • Previous Articles     Next Articles

A Novel Approach to Building Intrusion Tolerant Systems


  1. Department of Electrical and Computing Engineering, Cleveland State University, 2121 Euclid Ave., Cleveland, OH 44115


A novel approach of structuring mission-critical systems with an emphasis on intrusion tolerance is described. Key components in the proposed system include traf?c regulation, application request processing, state protection, integrity checking, and process/node health monitoring. In particular, the separation of execution and state management enables the use of a single process to manage application requests, thereby reducing run-time overhead and enables highly concurrent executions. Furthermore, intrusion attacks are mitigated by two means: (1) append-only state logging so that a compromised execution node cannot corrupt state updates from other nodes; and (2) acceptance testing as a way to verify the integrity of the execution of application requests. When an attack is detected, the malformed requests that materialized the attack are quarantined, and such requests (current and future ones) are rejected.

Received on March 08, 2013, revised on October 31, 2013
References: 12