Asynchronous intrusion recovery for interconnected web services
Author(s)Chandra, Ramesh; Kim, Taesoo; Zeldovich, Nickolai
MetadataShow full item record
Recovering from attacks in an interconnected system is difficult, because an adversary that gains access to one part of the system may propagate to many others, and tracking down and recovering from such an attack requires significant manual effort. Web services are an important example of an interconnected system, as they are increasingly using protocols such as OAuth and REST APIs to integrate with one another. This paper presents Aire, an intrusion recovery system for such web services. Aire addresses several challenges, such as propagating repair across services when some servers may be unavailable, and providing appropriate consistency guarantees when not all servers have been repaired yet. Experimental results show that Aire can recover from four realistic attacks, including one modeled after a recent Facebook OAuth vulnerability; that porting existing applications to Aire requires little effort; and that Aire imposes a 19--30% CPU overhead and 6--9 KB/request storage cost for Askbot, an existing web application.
DepartmentMassachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory; Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles - SOSP '13
Association for Computing Machinery
Chandra, Ramesh, Taesoo Kim, and Nickolai Zeldovich. “Asynchronous Intrusion Recovery for Interconnected Web Services.” Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles - SOSP ’13 (2013), Nov. 3-6, 2013, Farminton, Pennsylvania, USA. ACM.
Author's final manuscript