Title :
Flexible intrusion tolerant group membership protocol
Author :
Subraveti, Narasimha Prasad ; Tanaraksiritavorn, Soontaree ; Mishra, Shivakant
Author_Institution :
Dept. of Comput. Sci., Colorado Univ., Boulder, CO, USA
Abstract :
Intrusion-tolerant group membership protocols constitute an important part of intrusion-tolerant group communication systems. This protocol maintains a consistent system-wide view of correct group members in the presence of malicious failures. This paper presents a new intrusion-tolerant group membership protocol, which provides two unique features. First, it introduces a new membership state called a suspended membership state. This new state provides a good balance between the amount of time a malicious/compromised group member gets to launch attacks before being removed from the group and the increased vulnerability to denial-of-service attacks if a suspected member is removed too early from the group. Second, it introduces a clean, logical separation between the functionality of detecting malicious processes and removing malicious group members from the group. This logical separation aids in simplifying the group membership protocol design and efficiently detecting suspicious process behaviors.
Keywords :
computer crime; protocols; wide area networks; denial-of-service attack; intrusion tolerant group membership protocol; intrusion-tolerant group communication system; Broadcasting; Buildings; Communication system security; Computer crashes; Computer crime; Computer science; Detectors; Middleware; Protocols; Prototypes;
Conference_Titel :
Parallel and Distributed Systems, 2004. ICPADS 2004. Proceedings. Tenth International Conference on
Print_ISBN :
0-7695-2152-5
DOI :
10.1109/ICPADS.2004.1316124
