Intrusion detection by random dispersion and voting on redundant Web server operations
Author(s)
Kwon, Dennis Oshuk, 1979-
DownloadFull printable version (5.957Mb)
Other Contributors
Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science.
Advisor
William Weinstein and Howard E. Shrobe.
Terms of use
Metadata
Show full item recordAbstract
Until now, conventional approaches to the problem of computer security and intrusion tolerance have either tried to block intrusions altogether, or have tried to detect an intrusion in progress and stop it before the execution of malicious code could damage the system or cause it to send corrupted data back to the client. The goal of this thesis is to explore the question of whether voting, in conjunction with several key concepts from the study of fault-tolerant computing - namely masking, redundancy, and dispersion - can be effectively implemented and used to confront the issues of detecting and handling such abnormalities within the system. Such a mechanism would effectively provide a powerful tool for any high-security system where it could be used to catch and eliminate the majority of all intrusions before they were able to cause substantial damage to the system. There are a number of subgoals that pertain to the issue of voting. The most significant are those of syntactic equivalence and tagging. Respectively, these deal with the issues of determining the true equivalence of two objects to be voted on, and "marking" multiple redundant copies of a single transaction such that they can be associated at a later time. Both of these subgoals must be thoroughly examined in order to design the optimal voting system. The results of this research were tested in a simulation environment. A series of intrusions were then run on the voting system to measure its performance. The outcome of these tests and any gains in intrusion tolerance were documented accordingly.
Description
Thesis (M.Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2002. Includes bibliographical references (p. 126-128).
Date issued
2002Department
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer SciencePublisher
Massachusetts Institute of Technology
Keywords
Electrical Engineering and Computer Science.