Intrusion Survivability for Commodity Operating Systems and Services: A Work in Progress

Ronny Chevalier 1, 2 David Plaquin 1 Guillaume Hiet 2
2 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
CentraleSupélec, Inria Rennes – Bretagne Atlantique , IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
Abstract : This paper presents a work-in-progress of our approach for intrusion survivability in commodity operating systems. Our approach relies on an orchestration of recovery and mitigation actions. We rollback infected services (i.e., their processes) and infected files to a previous known safe state, and we apply per-service mitigations (i.e., privileges removal) before unfreezing the restored processes. Such approach effectively puts the previously compromised service into a degraded mode, allowing the system to withstand ongoing intrusions and ensures the availability of core functions to the users. A prototype for Linux-based systems is currently in development.
Document type :
Conference papers
Complete list of metadatas

Cited literature [17 references]  Display  Hide  Download

https://hal.inria.fr/hal-02280376
Contributor : Ronny Chevalier <>
Submitted on : Friday, September 6, 2019 - 11:56:48 AM
Last modification on : Tuesday, November 12, 2019 - 4:09:44 PM

File

intrusion-survivability-WIP.pd...
Files produced by the author(s)

Identifiers

  • HAL Id : hal-02280376, version 1

Citation

Ronny Chevalier, David Plaquin, Guillaume Hiet. Intrusion Survivability for Commodity Operating Systems and Services: A Work in Progress. RESSI 2018 - Rendez-Vous de la Recherche et de l'Enseignement de la Sécurité des Systèmes d'Information, May 2018, Nancy / La Bresse, France. ⟨hal-02280376⟩

Share

Metrics

Record views

122

Files downloads

282