DOI: 10.1145/3022227.3022318
research-article

Mechanism to continue system availability during cyber threat scenario

Published: 05 January 2017

Abstract

It is known that cyber attacks on application systems cause denial of service in order to avoid compromise of confidentiality and integrity. The system remains inaccessible until it has completely recovered from the threat. This unavailability is very important to handle, as it results in huge monetary loss for organizations, and their customers suffer from poor-quality services. The main research objective is to design a framework for sustaining the system's availability at the application level during a cyber attack. The designed framework comprises two components that propose one potential solution for handling the system's unavailability while it is under attack. Ad hoc data migration is the first component; it transfers the information to the alternative system's data storage when the attack is detected. Secured authentication is another very important component; it complements the alternatively available system to provide secured information services to the end user. Secured authentication is designed differently, with more strength than the conventional textual password authentication scheme, so that malicious users can be restricted from accessing the alternatively available system.

Published In

IMCOM '17: Proceedings of the 11th International Conference on Ubiquitous Information Management and Communication
January 2017
746 pages
ISBN:9781450348881
DOI:10.1145/3022227
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. ad hoc data migration
  2. cyber threat
  3. intrusion threat
  4. intrusion tolerance
  5. system availability

Qualifiers

  • Research-article

Conference

IMCOM '17

Acceptance Rates

IMCOM '17 Paper Acceptance Rate 113 of 366 submissions, 31%;
Overall Acceptance Rate 213 of 621 submissions, 34%

Article Metrics

  • Total Citations: 0
  • Total Downloads: 107
  • Downloads (Last 12 months): 1
  • Downloads (Last 6 weeks): 0

Reflects downloads up to 27 Aug 2024
