Presentation is loading. Please wait.

Presentation is loading. Please wait.

DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA.

Similar presentations


Presentation on theme: "DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA."— Presentation transcript:

1 DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA ITS PI Meeting – Honolulu – July 17-21, 2000 Janet Lepanto Bill Weinstein The Charles Stark Draper Laboratory, Inc. Aegis Research Corporation ® Aegis Research Corporation

2 DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 2 Aegis Research Corporation Technical Objectives Develop an ITS architecture that supports layered defenses and provides resilience to attacks –Limit an attacker’s ability to ascertain the current state of the system configuration –Enable a system to tolerate subtle attacks whose characteristics are not known a priori –Guarantee data integrity in the face of a successful attack on one of the servers

3 DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 3 Aegis Research Corporation Technical Approach Adapt key concepts from fault-tolerant computing to address subtle attacks that may elude firewalls and algorithms that look for patterns of abnormal behavior –Masking faults so that their effects do not propagate to the system “output” –Rollback of execution to an uncompromised system state to recover from the effects of a fault –Synchronization to enable voting among redundant copies of data Incorporate these concepts in an ITS composed largely of untrusted unmodified COTS servers and databases augmented by a small set of trusted components Test these concepts in a series of phased experiments

4 DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 4 Aegis Research Corporation Basic Architecture External WAN External Firewall Data Base Transaction Mediator Gateway Switched IP Server (1) Server (N) Server (2) Configuration Manager Authentication Server Switched IP COTS Trusted Other

5 DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 5 Aegis Research Corporation Extended Architecture Authentication Server COTS Trusted Other Switched IP External WAN External Firewall Gateway Configuration Manager Switched IP Transaction Mediator Data Base Web Server (1) Web Server (1) Servers (Set 3) Switched IP Transaction Mediator Data Base Web Server (1) Web Server (1) Servers (Set 2) Switched IP Transaction Mediator Data Base Web Server (1) Web Server (1) Servers (Set 1)

6 DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 6 Aegis Research Corporation Experiment Plan Four phases of experiments will test the response of our ITS mechanisms to Red Team attacks –Initial mechanisms for attack disruption (Year 1) –Initial mechanisms for system recovery (Year 2) –Refined mechanisms for attack disruption and system recovery – Initial mechanisms for synchronization and voting (Year 3) –Refined mechanisms for synchronization and voting for distributed servers (Year 4)

7 DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 7 Aegis Research Corporation Risk Management Primary Risks –Dispersion of application transactions within a single session –Rapid validation of server configuration –Efficient synchronization and voting in a transaction-oriented environment Risk Mitigation –Aegis has performed configuration analyses and has begun preliminary work in fingerprint modification –Dispersion techniques are employed today for load balancing; the challenge in the proposed application is to reduce the granularity at which dispersion is done –Draper has successfully applied synchronization, voting, and rollback in fault-tolerant system designs

8 DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 8 Aegis Research Corporation Quantitative Metrics Percent of successful Red Team attacks Time to achieve successful Red Team attacks Impact of ITS mechanisms on system performance

9 DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 9 Aegis Research Corporation Expected Major Achievements Verification that attacks can be impeded by dispersion Demonstration that data integrity can be maintained in the presence of unknown system vulnerabilities or unrecognized attack signatures Demonstration that data integrity can be maintained in the event of a successfully completed attack on a single server

10 DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 10 Aegis Research Corporation Task Schedule 1.1 Dev & Implmt Fingerprint Masking 1.2 Dev & Implmt Dynamic Assign 1.3 Dev & Implmt Config Evalution 1.4 Integration & Experimentation 1.5 Program Management 2.1 Dev & Implmt Transaction Mediator 2.2 Dev & Implmt Assess & Rollback 2.3 Integration & Experimentation 2.4 Program Management 3.1 Refine Fingerprint & Dynam Assign 3.6 Dev Sync of Redundant Databases 3.2 Implement Sync & Voting 3.3 Refine Config Assessment 3.4 Integration & Experimentation 3.5 Program Management 4.1 Refine Sync & Voting 4.2 Implmt Distribution of Servs & DBs 4.3 Integration & Experimentation 4.5 Program Management Task Name CY 2000CY 2001CY 2002CY 2003 Phase 1 – Basic Architecture Phase 2 – Extended Architecture CY 2004 Initial Mechanisms Attack Disruption Initial Mechanisms System Recovery Refined Mechanisms Attack Disruption Refined Mechs Sync & Voting Distrib Sys

11 DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 11 Aegis Research Corporation Technology Transfer Mechanisms for technology transfer to DARPA, other government agencies, the Services, and industry include –Formal documentation of the development and analysis of the prototype algorithms at the conclusion of each phase of our proposed effort –Documentation of the results of experiments –Technical papers published in the open literature and presented at conferences and workshops –Leveraging our Team’s link to government agencies with vested interests in ITS technology –Supporting government source selection for manufacturing and licensing our ITS technology

12 DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 12 Aegis Research Corporation Required Support from DARPA PM Coordination of experiments in the DARPA Technical Integration Center (TIC) facility

13 DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 13 Aegis Research Corporation Conclusion Problem –How can we tolerate unknown attack signatures and attacks that exploit unknown system vulnerabilities? Approach –Adapt concepts that have been successfully implemented in Byzantine fault-tolerant systems Benefits –Development and maintenance required for a relatively small number of trusted elements in the network architecture –COTS elements can be upgraded/improved with minimal impact on system security –Protects against “new” attacks


Download ppt "DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA."

Similar presentations


Ads by Google