This presentation explores the concept of survivability, defined as a system's ability to successfully fulfill its mission despite threats such as attacks, failures, or accidents. It emphasizes defense strategies like honeypots and server rotations aimed at deception, distraction, and redundancy. Key scenarios illustrate collaborative attacks and the importance of risk management. By analyzing attack stages, selecting ideal attackers, and employing dynamic topology reconfiguration, the aim is to bolster network resilience and maintain operational integrity even under adverse conditions.
Research Direction Introduction Advisor: Professor Frank, Y.S. Lin Presented by YuPuWu
Agenda • Introduction • Problem description • Scenario
Definition of Survivability • We define survivability as the capability of a system to fulfill its mission, in a timely manner, in the presence of attacks, failures, or accidents. We use the term system in the broadest possible sense, including networks and large-scale systems of systems. [1] • [1] R. J. Ellison, D. A. Fisher, R. C. Linger, H. F. Lipson, T. Longstaff, and N. R. Mead, “Survivable Network Systems: An Emerging Discipline,” Technical Report CMU/SEI-97-TR-013, November 1997 (Revised: May 1999).
Defense strategies: Honeypot • Existing Classifications • Lure • Defend (deception & intimidation) • Study • [2] H. Debar, F. Pouget, and M. Dacier, “White Paper: ‘Honeypot, Honeynet, Honeytoken: Terminological issues’,” Institut Eurécom Research Report RR-03-081, 2003.
Defense strategies: Honeypot • Level of interaction classification • Low-Interaction • Mid-Interaction • High-Interaction • [3] H. Debar, F. Pouget, and M. Dacier, “White Paper: ‘Honeypot, Honeynet, Honeytoken: Terminological issues’,” Institut Eurécom Research Report RR-03-081, 2003.
Defense strategies: Honeypot • The objective of a false target is to distract or conceal something that someone else may search for (to gain access to, control, destroy, etc.) • [4] G. Levitin and K. Hausken, “False targets efficiency in defense strategy,” European Journal of Operational Research, Vol. 194, Issue 1, Pages 155-162, 1 April
Defense strategies: Rotation • [5] Y. Huang, D. Arsenault, and A. Sood, “Closing Cluster Attack Windows Through Server Redundancy and Rotations,” Proc. IEEE CGRIDW'06.
Defense strategies: Rotation • Outrunning Component Failures, which replicates key application components and intelligently places new replicas on suitable hosts upon noticing failures. • Attack Containment, which isolates host intrusions and network-based distributed denial of service attacks and stops their propagation. • Continuous Unpredictable Changes, which tries to put strict time constraints on the usefulness of obtained attack information by constantly changing unpredictably. • [6] M. Atighetchi, P. Pal, F. Webber, and C. Jones, “Adaptive Use of Network-Centric Mechanisms in Cyber-Defense,” BBN Technologies LLC.
Agenda • Introduction • Problem description • Scenario
Attack Strategies • Compromise • Pretend to Attack • Test Reaction • Take Opportunity • [8] S. Braynov and M. Jadliwala, “Representation and Analysis of Coordinated Attacks,” FMSE'03, 2003,
Risk Avoidance & Risk Tolerance • Risk Avoidance • Compromise • Risk Tolerance • Pretend to Attack
Period, P • N: The total number of nodes in the Defense Networks. • F: The total number of nodes that are compromised in the Defense Networks. • If N is 100 and F is 10, the Period will be 90%.
Success Rate, SR • Success Rate (SR) = Risk Avoidance Compromised / Risk Avoidance Attacks • Risk Avoidance - Compromise Nodes: 10 • Risk Tolerance - Pretend to Attack: 5 • Compromised Successfully: 6 • (3 Compromise Nodes : 3 Pretend to Attack) • Success Rate = 30%
Early Stage • Early Stage
Late Stage • Late Stage
Selection Criteria • High Traffic & Low Defense Resource
No. of Attackers • Number of Attackers • M: Number of selected candidates • M = 4, Period = 99%, Success Rate = 100% • Risk Avoidance: 6, Risk Tolerance: 0 • M = 25, Period = 80%, Success Rate = 0% • Risk Avoidance: 6, Risk Tolerance: 0
Choose Ideal Attackers • Attack Energy • Budget & Capability • Corresponding Defense Resource for Each Attacker • Aggressiveness • Attack Energy
Choose Ideal Attackers • Example: Choose Ideal Attacker • 100 Defense Resource • 90~110 Corresponding Defense Resource • Appropriate Aggressiveness • Lower Bound (50%, 0%) • If Success Rate (SR) is low, raise the Lower Bound. • If Success Rate (SR) is high, reduce the Lower Bound.
Virtual Machine • Virtual Machine • Virtual Machine Monitor • Local Defense Effect • The Core Node could be one of the Virtual Machines. • If the VMM were compromised, all of its VMs would be compromised, too.
Agenda • Introduction • Problem description • Scenario
Scenario • Figure legend: Core Node • Compromised • False Target • Next Hop • 7 Defense Resource • Fake Traffic • False Target & Fake Traffic • Insider
[Figures: a sequence of scenario network diagrams with nodes labelled A through O and numeric annotations on the nodes; the diagrams themselves are not reproduced in this text.]