Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Proactive Recovery – a Hardware Based Mission Assurance Scheme

Published byMonica Carr Modified over 5 years ago

Similar presentations

Presentation on theme: "Secure Proactive Recovery – a Hardware Based Mission Assurance Scheme"— Presentation transcript:

1 Secure Proactive Recovery – a Hardware Based Mission Assurance Scheme
Ruchika Mehresh1 Shambhu J. Upadhyaya1 Kevin Kwiat2 1Department of Computer Science and Engineering, State University of New York at Buffalo, NY, USA 2Air Force Research Laboratory, Rome, NY, USA Research Supported in Part by ITT Grant No J and NSF Grant No. DUE 6th International Conference on Information Warfare and Security, 2011

2 Outline Structure Motivation Threat model System design
Performance analysis Conclusion

3 Motivation Mission assurance Goals Feasibility study
Survivability Security Fault tolerance Low cost (Time overhead) Adaptation and evolution Feasibility study Long running applications Prevention  Detection  Recovery Hardware-based Smart defender

4 Outline Structure Motivation Threat model System design
Performance analysis Conclusion

5 Byzantine fault tolerance
Threat Model Time diversity Spatial diversity Reactive recovery Proactive recovery Byzantine fault tolerance

6 The Quiet Invader Smart attacker Quiet invader
Make decisions to maximize the potential of achieving their objectives based on dynamic information Quiet invader Camouflages to buy more time Plan to attack mission during critical stage (Why?) Example: Long running countdown for a space shuttle launch that runs for several hours

7 Outline Structure Motivation Threat model System design
Performance analysis Conclusion

8 Replica 3 Coordinator Replica 1 H C Replica 2 H C Replica 3 H C
Workload Workload Workload Workload Workload Replica 1 H C Replica 2 H C Replica 3 H C Replica n H C R R R R Periodic checkpoint Hardware Signature Periodic checkpoint Hardware Signature Hardware Signature Periodic checkpoint Hardware Signature Hardware Signature Periodic checkpoint Periodic checkpoint

9 Hardware Signature Generation
IDS System reg

10 Outline Structure Motivation Threat model System design
Performance analysis Conclusion

11 Performance Analysis Cases Workload
Case 1: Systems with no checkpointing Case 2: Systems with checkpointing, no failures/attacks Case 3: Systems with checkpointing, failures/attacks Workload Java SciMark 2.0 benchmark workloads: FFT, SOR, Sparse, LU Multi-step simulation based evaluation approach [Reference: Mehresh, R., Upadhyaya, S. and Kwiat, K. (2010) “A Multi-Step Simulation Approach Toward Fault Tolerant system Evaluation”, Third International Workshop on Dependable Network Computing and Mobile Systems, October]

12 Results

13 Results FFT LU SOR Sparse Case 1 3421.09 222.69 13.6562 23.9479 Case 2
Table 1: Execution Times (in hours) for the Scimark workloads across three cases Results FFT LU SOR Sparse Case 1 222.69 Case 2 226.36 Case 3 (M=10) 249.08 Case 3 (M=25) 233.83 Table : Execution times (in hours) for the Scimark workloads for the three cases

14 Results

15 Results

16 Results M=5 M=10 M=15 M=25 Optimal Checkpoint Interval (hours) 0.3 0.5
0.65 0.95 Execution Times(hours) 248.97 241.57 238.16 235.06 Table : Approximate optimal checkpoint interval values and their corresponding workload execution times for LU (Case 3) at different values of M

17 Outline Structure Motivation Threat model System design
Performance analysis Conclusion

18 Conclusion Low cost solution to secure proactive recovery
Mission survivability Utilized redundant hardware Small overhead in absence of failures Effective preventive measure Future work To evaluate this scheme for a distributed system

19 Thank You !!

Download ppt "Secure Proactive Recovery – a Hardware Based Mission Assurance Scheme"

Similar presentations

An Overview of ABFT in cloud computing

An Overview of ABFT in cloud computing
Distributed Systems Major Design Issues Presented by: Christopher Hector CS8320 – Advanced Operating Systems Spring 2007 – Section 2.6 Presentation Dr.

Distributed Systems Major Design Issues Presented by: Christopher Hector CS8320 – Advanced Operating Systems Spring 2007 – Section 2.6 Presentation Dr.
Dynamic Thread Assignment on Heterogeneous Multiprocessor Architectures Pree Thiengburanathum Advanced computer architecture Oct 24, 2007 1.

Dynamic Thread Assignment on Heterogeneous Multiprocessor Architectures Pree Thiengburanathum Advanced computer architecture Oct 24,
Making Services Fault Tolerant

Making Services Fault Tolerant
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
Dept. of Computer Science & Engineering, CUHK Performance and Effectiveness Analysis of Checkpointing in Mobile Environments Chen Xinyu 2003-01-22.

Dept. of Computer Science & Engineering, CUHK Performance and Effectiveness Analysis of Checkpointing in Mobile Environments Chen Xinyu
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
Present by Chen, Ting-Wei Adaptive Task Checkpointing and Replication: Toward Efficient Fault-Tolerant Grids Maria Chtepen, Filip H.A. Claeys, Bart Dhoedt,

Present by Chen, Ting-Wei Adaptive Task Checkpointing and Replication: Toward Efficient Fault-Tolerant Grids Maria Chtepen, Filip H.A. Claeys, Bart Dhoedt,
Dept. of Computer Science & Engineering, CUHK Fault Tolerance and Performance Analysis in Wireless CORBA Chen Xinyu 2002-12-09 Supervisor: Markers: Prof.

Dept. of Computer Science & Engineering, CUHK Fault Tolerance and Performance Analysis in Wireless CORBA Chen Xinyu Supervisor: Markers: Prof.
1 Making Services Fault Tolerant Pat Chan, Michael R. Lyu Department of Computer Science and Engineering The Chinese University of Hong Kong Miroslaw Malek.

1 Making Services Fault Tolerant Pat Chan, Michael R. Lyu Department of Computer Science and Engineering The Chinese University of Hong Kong Miroslaw Malek.
March 24, 2003Upadhyaya – IWIA 20031 A Tamper-resistant Framework for Unambiguous Detection of Attacks in User Space Using Process Monitors R. Chinchani.

March 24, 2003Upadhyaya – IWIA A Tamper-resistant Framework for Unambiguous Detection of Attacks in User Space Using Process Monitors R. Chinchani.
GRID COMPUTING: REPLICATION CONCEPTS Presented By: Payal Patel.

GRID COMPUTING: REPLICATION CONCEPTS Presented By: Payal Patel.
Exploring the Tradeoffs of Configurability and Heterogeneity in Multicore Embedded Systems + Also Affiliated with NSF Center for High- Performance Reconfigurable.

Exploring the Tradeoffs of Configurability and Heterogeneity in Multicore Embedded Systems + Also Affiliated with NSF Center for High- Performance Reconfigurable.
ATIF MEHMOOD MALIK KASHIF SIDDIQUE Improving dependability of Cloud Computing with Fault Tolerance and High Availability.

ATIF MEHMOOD MALIK KASHIF SIDDIQUE Improving dependability of Cloud Computing with Fault Tolerance and High Availability.
EAIT, February 2006 A Pragmatic Approach towards the Improvement of Performance of Ad Hoc Routing ProtocolsOptimizations To Multipath Routing Protocols.

EAIT, February 2006 A Pragmatic Approach towards the Improvement of Performance of Ad Hoc Routing ProtocolsOptimizations To Multipath Routing Protocols.
Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.

Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.
Young Suk Moon Chair: Dr. Hans-Peter Bischof Reader: Dr. Gregor von Laszewski Observer: Dr. Minseok Kwon 1.

Young Suk Moon Chair: Dr. Hans-Peter Bischof Reader: Dr. Gregor von Laszewski Observer: Dr. Minseok Kwon 1.
BFTCloud: A Byzantine Fault Tolerance Framework for Voluntary-Resource Cloud Computing Yilei Zhang, Zibin Zheng, and Michael R. Lyu

BFTCloud: A Byzantine Fault Tolerance Framework for Voluntary-Resource Cloud Computing Yilei Zhang, Zibin Zheng, and Michael R. Lyu
WP4 deliverable Critical Infrastructure Protection: Attack Prevention Solutions and Attacks.

WP4 deliverable Critical Infrastructure Protection: Attack Prevention Solutions and Attacks.

Similar presentations

Ads by Google