Abstract
Despite the increased focus on security, critical information systems remain vulnerable to cyber attacks. The problem stems in large part from the constant innovation and evolution of attack techniques. The trend leads importance to the concept of intrusion tolerance a critical system must fend off or at least limit the damage caused by unknown and/or undetected attacks. In prior work, we developed a self-cleansing intrusion tolerance (SCIT) architecture that achieves the above goal by constantly cleansing the servers and rotating the rule of individual servers. In this paper, we show that, with simple hardware enhancements strategically placed in a SCIT system, incorruptible intrusion containment can be realized. We then present an incorruptible SCIT design for use by one of the most critical infrastructures of the Internet, the domain name services. It is our belief that incorruptible intrusion containment as presented here constitutes a new, effective layer of system defense for critical information system.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
