By Topic

Intrusion tolerant Web servers via network layer controls

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)

Summary form only given. This demonstration shows the approach taken on the Intrusion Tolerant Server Infrastructure (ITSI) program to identify and isolate intrusions, prevent them from freely spreading, and continue to provide service to benign users while recovering from the intrusion. The distinguishing feature of the ITSI approach is the use of "smart NIC" to help identify intrusions, and, once an intrusion has been detected, to contain it and ensure that service is uninterrupted by providing a failover capability. These smart NIC are based on the distributed firewall technology developed by Secure Computing on DARPA's Autonomic Distributed Firewall (ADF) program. The ADF NIC has been enhanced on the ITSI program to support multi-server load sharing, to enable load shifting in the face of attacks, and to provide an alert capability when unauthorized traffic is detected. The demonstration prototype uses two heterogeneous Web servers: Apache running on SELinux and IIS running on Windows 2000. The demonstration shows how various attacks are detected and how the smart NIC can be used to respond to an attack in a manner that ensures that the Web service will continue to operate.

Published in:

DARPA Information Survivability Conference and Exposition, 2003. Proceedings  (Volume:2 )

Date of Conference:

22-24 April 2003