Intrusion Survivability for Commodity Operating Systems and Services: A Work in Progress - Archive ouverte HAL Access content directly
Conference Papers Year : 2018

Intrusion Survivability for Commodity Operating Systems and Services: A Work in Progress

(1, 2) , (1) , (2)
1
2

Abstract

This paper presents a work-in-progress of our approach for intrusion survivability in commodity operating systems. Our approach relies on an orchestration of recovery and mitigation actions. We rollback infected services (i.e., their processes) and infected files to a previous known safe state, and we apply per-service mitigations (i.e., privileges removal) before unfreezing the restored processes. Such approach effectively puts the previously compromised service into a degraded mode, allowing the system to withstand ongoing intrusions and ensures the availability of core functions to the users. A prototype for Linux-based systems is currently in development.
Fichier principal
Vignette du fichier
intrusion-survivability-WIP.pdf (92.84 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-02280376 , version 1 (06-09-2019)

Identifiers

  • HAL Id : hal-02280376 , version 1

Cite

Ronny Chevalier, David Plaquin, Guillaume Hiet. Intrusion Survivability for Commodity Operating Systems and Services: A Work in Progress. RESSI 2018 - Rendez-Vous de la Recherche et de l'Enseignement de la Sécurité des Systèmes d'Information, May 2018, Nancy / La Bresse, France. ⟨hal-02280376⟩
81 View
76 Download

Share

Gmail Facebook Twitter LinkedIn More