Survivability Analysis of VM-Based Intrusion Tolerant Systems

Junjun ZHENG
Hiroyuki OKAMURA
Tadashi DOHI

IEICE TRANSACTIONS on Information and Systems   Vol.E98-D    No.12    pp.2082-2090
Publication Date: 2015/12/01
Publicized: 2015/09/15
Online ISSN: 1745-1361
DOI: 10.1587/transinf.2015PAP0007
Type of Manuscript: Special Section PAPER (Special Section on Parallel and Distributed Computing and Networking)
Category: Network
intrusion tolerant system,  byzantine failure,  virtualization,  survivability,  Markov model,  

Full Text: PDF>>
Buy this Article

Survivability is the capability of a system to provide its services in a timely manner even after intrusion and compromise occur. In this paper, we focus on the quantitative analysis of survivability of virtual machine (VM) based intrusion tolerant system in the presence of Byzantine failures due to malicious attacks. Intrusion tolerant system has the ability of a system to continuously provide correct services even if the system is intruded. This paper introduces a scheme of the intrusion tolerant system with virtualization, and derives the success probability for one request by a Markov chain under the environment where VMs have been intruded due to a security hole by malicious attacks. Finally, in numerical experiments, we evaluate the performance of VM-based intrusion tolerant system from the viewpoint of survivability.