Intrusion detection by random dispersion and voting on redundant Web server operations

• Main Author: Kwon, Dennis Oshuk, 1979-
• Other Authors: William Weinstein and Howard E. Shrobe.
• Format: Others
• Language: English
• Published: Massachusetts Institute of Technology 2005
• Subjects: Electrical Engineering and Computer Science.
• Online Access: http://hdl.handle.net/1721.1/8112

Thesis (M.Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2002. === Includes bibliographical references (p. 126-128). === Until now, conventional approaches to the problem of computer security and intrusion tolerance have either tried to block intrusions altogether, or have tried to detect an intrusion in progress and stop it before the execution of malicious code could damage the system or cause it to send corrupted data back to the client. The goal of this thesis is to explore the question of whether voting, in conjunction with several key concepts from the study of fault-tolerant computing - namely masking, redundancy, and dispersion - can be effectively implemented and used to confront the issues of detecting and handling such abnormalities within the system. Such a mechanism would effectively provide a powerful tool for any high-security system where it could be used to catch and eliminate the majority of all intrusions before they were able to cause substantial damage to the system. There are a number of subgoals that pertain to the issue of voting. The most significant are those of syntactic equivalence and tagging. Respectively, these deal with the issues of determining the true equivalence of two objects to be voted on, and "marking" multiple redundant copies of a single transaction such that they can be associated at a later time. Both of these subgoals must be thoroughly examined in order to design the optimal voting system. The results of this research were tested in a simulation environment. A series of intrusions were then run on the voting system to measure its performance. The outcome of these tests and any gains in intrusion tolerance were documented accordingly. === by Dennis Oshuk Kwon. === M.Eng.