Asynchronous intrusion recovery for interconnected web services
Author(s)
Chandra, Ramesh; Kim, Taesoo; Zeldovich, Nickolai
Open Access Policy
Creative Commons Attribution-Noncommercial-Share Alike
Terms of use
Abstract
Recovering from attacks in an interconnected system is difficult, because an adversary that gains access to one part of the system may propagate to many others, and tracking down and recovering from such an attack requires significant manual effort. Web services are an important example of an interconnected system, as they are increasingly using protocols such as OAuth and REST APIs to integrate with one another. This paper presents Aire, an intrusion recovery system for such web services. Aire addresses several challenges, such as propagating repair across services when some servers may be unavailable, and providing appropriate consistency guarantees when not all servers have been repaired yet. Experimental results show that Aire can recover from four realistic attacks, including one modeled after a recent Facebook OAuth vulnerability; that porting existing applications to Aire requires little effort; and that Aire imposes a 19–30% CPU overhead and 6–9 KB/request storage cost for Askbot, an existing web application.
Date issued
2013
Department
Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory; Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
Journal
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles - SOSP '13
Publisher
Association for Computing Machinery
Citation
Chandra, Ramesh, Taesoo Kim, and Nickolai Zeldovich. “Asynchronous Intrusion Recovery for Interconnected Web Services.” Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles - SOSP ’13 (2013), Nov. 3-6, 2013, Farmington, Pennsylvania, USA. ACM.
Version: Author's final manuscript
ISBN
9781450323888