Skip to Main content Skip to Navigation
Conference papers

Intrusion Survivability for Commodity Operating Systems and Services: A Work in Progress

Ronny Chevalier 1, 2 David Plaquin 1 Guillaume Hiet 2
2 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
CentraleSupélec, Inria Rennes – Bretagne Atlantique , IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
Abstract : This paper presents a work-in-progress of our approach for intrusion survivability in commodity operating systems. Our approach relies on an orchestration of recovery and mitigation actions. We rollback infected services (i.e., their processes) and infected files to a previous known safe state, and we apply per-service mitigations (i.e., privileges removal) before unfreezing the restored processes. Such approach effectively puts the previously compromised service into a degraded mode, allowing the system to withstand ongoing intrusions and ensures the availability of core functions to the users. A prototype for Linux-based systems is currently in development.
Document type :
Conference papers
Complete list of metadata

Cited literature [17 references]  Display  Hide  Download
Contributor : Ronny Chevalier Connect in order to contact the contributor
Submitted on : Friday, September 6, 2019 - 11:56:48 AM
Last modification on : Wednesday, November 3, 2021 - 8:14:44 AM
Long-term archiving on: : Thursday, February 6, 2020 - 9:34:32 PM


Files produced by the author(s)


  • HAL Id : hal-02280376, version 1


Ronny Chevalier, David Plaquin, Guillaume Hiet. Intrusion Survivability for Commodity Operating Systems and Services: A Work in Progress. RESSI 2018 - Rendez-Vous de la Recherche et de l'Enseignement de la Sécurité des Systèmes d'Information, May 2018, Nancy / La Bresse, France. ⟨hal-02280376⟩



Les métriques sont temporairement indisponibles