Dependable Intrusion Tolerance (DIT)
The deployment of intrusion-detection technology on mission-critical
and commercial systems shows that perfect detection and immediate
mitigation of attacks remain elusive goals. Even systems developed at
great cost contain residual faults and vulnerabilities. In practice,
emphasis must shift from unattainable "bulletproof" systems to
intrusion-tolerant systems capable of self-diagnosis, repair, and
reconstitution, while continuing to provide service to legitimate
clients (with possible degradation) in the presence of intrusions.
The Dependable Intrusion Tolerance project
seeks to develop a prototype intrusion-tolerant server architecture.
The design, which integrates concepts from distributed intrusion
detection, fault tolerance, and formal verification, focuses on Web
service, though the approach is more general. The system aims to
maintain efficient service with high availability (with possibly
degraded response times or throughput) and integrity in the face of a
variety of attacks.