Intrusion Survivability for Commodity Operating Systems and Services: A Work in Progress

Ronny Chevalier; David Plaquin; Guillaume Hiet

Intrusion Survivability for Commodity Operating Systems and Services: A Work in Progress

Ronny Chevalier ^{1, 2} David Plaquin ¹ Guillaume Hiet ²

1 HP Labs

2 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition

CentraleSupélec, Inria Rennes – Bretagne Atlantique , IRISA-D1 - SYSTÈMES LARGE ÉCHELLE

Abstract : This paper presents a work-in-progress of our approach for intrusion survivability in commodity operating systems. Our approach relies on an orchestration of recovery and mitigation actions. We rollback infected services (i.e., their processes) and infected files to a previous known safe state, and we apply per-service mitigations (i.e., privileges removal) before unfreezing the restored processes. Such approach effectively puts the previously compromised service into a degraded mode, allowing the system to withstand ongoing intrusions and ensures the availability of core functions to the users. A prototype for Linux-based systems is currently in development.

Keywords : Intrusion Tolerance Intrusion Recovery Survivability Resiliency Intrusion Response Availability

Document type :

Conference papers

Domain :

Computer Science [cs] / Cryptography and Security [cs.CR]

Complete list of metadatas

Cited literature [17 references] Display Hide Download

https://hal.inria.fr/hal-02280376
Contributor : Ronny Chevalier <>
Submitted on : Friday, September 6, 2019 - 11:56:48 AM
Last modification on : Tuesday, November 12, 2019 - 4:09:44 PM

intrusion-survivability-WIP.pd...

Files produced by the author(s)

Intrusion Survivability for Commodity Operating Systems and Services: A Work in Progress

File

Identifiers

Collections

Citation

Export

Metrics

122

282

Contact

Intrusion Survivability for Commodity Operating Systems and Services: A Work in Progress

File

Identifiers

Collections

Citation

Export

Share

Metrics

122

282

Contact