DocumentCode
949084
Title
Feedback control applied to survivability: a host-based autonomic defense system
Author
Kreidl, O. Patrick ; Frazier, Tiffany M.
Author_Institution
Dept. of Electr. Eng. & Comput. Sci., Massachusetts Inst. of Technol., Cambridge, MA, USA
Volume
53
Issue
1
fYear
2004
fDate
3/1/2004 12:00:00 AM
Firstpage
148
Lastpage
166
Abstract
We address the problem of information system survivability, or dynamically preserving intended functionality & computational performance, in the face of malicious intrusive activity. A feedback control approach is proposed which enables tradeoffs between the failure cost of a compromised information system and the maintenance cost of ongoing defensive countermeasures. Online implementation features an inexpensive computation architecture consisting of a sensor-driven recursive estimator followed by an estimate-driven response selector. Offline design features a systematic empirical procedure utilizing a suite of mathematical modeling and numerical optimization tools. The engineering challenge is to generate domain models and decision strategies offline via tractable methods, while achieving online effectiveness. We illustrate the approach with experimentation results for a prototype autonomic defense system which protects its host, a Linux-based web-server, against an automated Internet worm attack. The overall approach applies to other types of computer attacks, network-level security and other domains which could benefit from automatic decision-making based on a sequence of sensor measurements.
Keywords
Internet; Markov processes; computer network reliability; decision making; feedback; information systems; numerical analysis; recursive estimation; security of data; Linux-based web-server; Markovian processes; automatic decision-making; computation architecture; computational performance; computer attacks; computer security; decision strategies; domain models; empirical methods; failure cost; feedback control; host-based autonomic defense system; information system survivability; intrusion tolerance; maintenance cost; malicious intrusive activity; mathematical modeling; network-level security; numerical optimization tools; sensor uncertainty; sensor-driven recursive estimator; stochastic control; tractable methods; Computer architecture; Costs; Design engineering; Design optimization; Feedback control; Information systems; Maintenance; Mathematical model; Prototypes; Recursive estimation;
fLanguage
English
Journal_Title
Reliability, IEEE Transactions on
Publisher
ieee
ISSN
0018-9529
Type
jour
DOI
10.1109/TR.2004.824833
Filename
1282171
Link To Document