Skip to Main Content
Self-protection refers to the ability for a system to detect illegal behaviors and to fight-back intrusions with counter-measures. This article presents the design, the implementation, and the evaluation of a self-protected system which targets clustered distributed applications. Our approach is based on the structural knowledge of the cluster and of the distributed applications. This knowledge allows to detect known and unknown attacks if an illegal communication channel is used. The current prototype is a self-protected JEE infrastructure (Java 2 Enterprise Edition) with firewall-based intrusion detection. Our prototype induces low-performance penalty for applications.