Title :
Defensive execution of transactional processes against attacks
Author :
Yu, Meng ; Zang, Wanyu ; Liu, Peng
Author_Institution :
Dept. of Comput. Sci., Monmouth Univ.
Abstract :
It is a well known problem that the attack recovery of a self-healing system rolls back not only malicious transactions, but also legitimate transactions that are dependent on the malicious transactions. Rolling back and re-executing damaged transactions increase the response time of the system and may cause a significant processing delay. In such situations, the availability of the system is compromised and the system suffers the vulnerability of denial of service (DoS). In this paper, we propose a defensive executing technique and analyze its effectiveness. Our technique concurrently executes multiple paths of a transactional processes based on the prediction generated by a discrete time Markov chain. The defensive execution can reduce the delay caused by recovery. We also propose a branch cutting technique to reduce the extra cost introduced by defensive execution. Our analytical results show that our technique is practical against transactional level attacks
Keywords :
Markov processes; discrete time systems; system recovery; telecommunication security; transaction processing; attack recovery; branch cutting; defensive execution; denial of service; discrete time Markov chain; malicious transaction; self-healing system; transactional level attack; transactional process; Application software; Availability; Computer crime; Computer science; Computer security; Costs; Database systems; Delay effects; Transaction databases;
Conference_Titel :
Computer Security Applications Conference, 21st Annual
Conference_Location :
Tucson, AZ
Print_ISBN :
0-7695-2461-3
DOI :
10.1109/CSAC.2005.18
