Practical Intrusion-Tolerant Networks

Daniel Obenshain; Thomas Tantillo; Amy Babay; John Schultz; Andrew Newell; Md Edadul Hoque; Yair Amir; Cristina Nita-Rotaru

doi:10.1109/ICDCS.2016.99

Practical Intrusion-Tolerant Networks

Daniel Obenshain, Thomas Tantillo, Amy Babay, John Schultz, Andrew Newell, Md Edadul Hoque, Yair Amir, Cristina Nita-Rotaru

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

8 Scopus citations

Abstract

As the Internet becomes an important part of the infrastructure our society depends on, it is crucial to construct networks that are able to work even when part of the network is compromised. This paper presents the first practical intrusion-tolerant network service, targeting high-value applications such as monitoring and control of global clouds and management of critical infrastructure for the power grid. We use an overlay approach to leverage the existing IP infrastructure while providing the required resiliency and timeliness. Our solution overcomes malicious attacks and compromises in both the underlying network infrastructure and in the overlay itself. We deploy and evaluate the intrusion-tolerant overlay implementation on a global cloud spanning East Asia, North America, and Europe, and make it publicly available.

Original language	English (US)
Title of host publication	Proceedings - 2016 IEEE 36th International Conference on Distributed Computing Systems, ICDCS 2016
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	45-56
Number of pages	12
ISBN (Electronic)	9781509014828
DOIs	https://doi.org/10.1109/ICDCS.2016.99
State	Published - Aug 8 2016
Externally published	Yes
Event	36th IEEE International Conference on Distributed Computing Systems, ICDCS 2016 - Nara, Japan Duration: Jun 27 2016 → Jun 30 2016

Publication series

Name	Proceedings - International Conference on Distributed Computing Systems
Volume	2016-August

Other

Other	36th IEEE International Conference on Distributed Computing Systems, ICDCS 2016
Country/Territory	Japan
City	Nara
Period	6/27/16 → 6/30/16

Keywords

Intrusion Tolerance
Overlay Networks
Resilient Networks

ASJC Scopus subject areas

Computer Networks and Communications
Hardware and Architecture
Software

Access to Document

10.1109/ICDCS.2016.99

Cite this

Obenshain, D., Tantillo, T., Babay, A., Schultz, J., Newell, A., Hoque, M. E., Amir, Y., & Nita-Rotaru, C. (2016). Practical Intrusion-Tolerant Networks. In Proceedings - 2016 IEEE 36th International Conference on Distributed Computing Systems, ICDCS 2016 (pp. 45-56). [7536504] (Proceedings - International Conference on Distributed Computing Systems; Vol. 2016-August). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICDCS.2016.99

Practical Intrusion-Tolerant Networks. / Obenshain, Daniel; Tantillo, Thomas; Babay, Amy; Schultz, John; Newell, Andrew; Hoque, Md Edadul; Amir, Yair; Nita-Rotaru, Cristina.

Proceedings - 2016 IEEE 36th International Conference on Distributed Computing Systems, ICDCS 2016. Institute of Electrical and Electronics Engineers Inc., 2016. p. 45-56 7536504 (Proceedings - International Conference on Distributed Computing Systems; Vol. 2016-August).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Obenshain, D, Tantillo, T, Babay, A, Schultz, J, Newell, A, Hoque, ME, Amir, Y & Nita-Rotaru, C 2016, Practical Intrusion-Tolerant Networks. in Proceedings - 2016 IEEE 36th International Conference on Distributed Computing Systems, ICDCS 2016., 7536504, Proceedings - International Conference on Distributed Computing Systems, vol. 2016-August, Institute of Electrical and Electronics Engineers Inc., pp. 45-56, 36th IEEE International Conference on Distributed Computing Systems, ICDCS 2016, Nara, Japan, 6/27/16. https://doi.org/10.1109/ICDCS.2016.99

Obenshain D, Tantillo T, Babay A, Schultz J, Newell A, Hoque ME et al. Practical Intrusion-Tolerant Networks. In Proceedings - 2016 IEEE 36th International Conference on Distributed Computing Systems, ICDCS 2016. Institute of Electrical and Electronics Engineers Inc. 2016. p. 45-56. 7536504. (Proceedings - International Conference on Distributed Computing Systems). https://doi.org/10.1109/ICDCS.2016.99

Obenshain, Daniel ; Tantillo, Thomas ; Babay, Amy ; Schultz, John ; Newell, Andrew ; Hoque, Md Edadul ; Amir, Yair ; Nita-Rotaru, Cristina. / Practical Intrusion-Tolerant Networks. Proceedings - 2016 IEEE 36th International Conference on Distributed Computing Systems, ICDCS 2016. Institute of Electrical and Electronics Engineers Inc., 2016. pp. 45-56 (Proceedings - International Conference on Distributed Computing Systems).

@inproceedings{9d13d7926ba64927b7c677a323a4ecb3,

title = "Practical Intrusion-Tolerant Networks",

abstract = "As the Internet becomes an important part of the infrastructure our society depends on, it is crucial to construct networks that are able to work even when part of the network is compromised. This paper presents the first practical intrusion-tolerant network service, targeting high-value applications such as monitoring and control of global clouds and management of critical infrastructure for the power grid. We use an overlay approach to leverage the existing IP infrastructure while providing the required resiliency and timeliness. Our solution overcomes malicious attacks and compromises in both the underlying network infrastructure and in the overlay itself. We deploy and evaluate the intrusion-tolerant overlay implementation on a global cloud spanning East Asia, North America, and Europe, and make it publicly available.",

keywords = "Intrusion Tolerance, Overlay Networks, Resilient Networks",

author = "Daniel Obenshain and Thomas Tantillo and Amy Babay and John Schultz and Andrew Newell and Hoque, {Md Edadul} and Yair Amir and Cristina Nita-Rotaru",

note = "Publisher Copyright: {\textcopyright} 2016 IEEE.; 36th IEEE International Conference on Distributed Computing Systems, ICDCS 2016 ; Conference date: 27-06-2016 Through 30-06-2016",

year = "2016",

month = aug,

day = "8",

doi = "10.1109/ICDCS.2016.99",

language = "English (US)",

series = "Proceedings - International Conference on Distributed Computing Systems",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "45--56",

booktitle = "Proceedings - 2016 IEEE 36th International Conference on Distributed Computing Systems, ICDCS 2016",

}

TY - GEN

T1 - Practical Intrusion-Tolerant Networks

AU - Obenshain, Daniel

AU - Tantillo, Thomas

AU - Babay, Amy

AU - Schultz, John

AU - Newell, Andrew

AU - Hoque, Md Edadul

AU - Amir, Yair

AU - Nita-Rotaru, Cristina

PY - 2016/8/8

Y1 - 2016/8/8

N2 - As the Internet becomes an important part of the infrastructure our society depends on, it is crucial to construct networks that are able to work even when part of the network is compromised. This paper presents the first practical intrusion-tolerant network service, targeting high-value applications such as monitoring and control of global clouds and management of critical infrastructure for the power grid. We use an overlay approach to leverage the existing IP infrastructure while providing the required resiliency and timeliness. Our solution overcomes malicious attacks and compromises in both the underlying network infrastructure and in the overlay itself. We deploy and evaluate the intrusion-tolerant overlay implementation on a global cloud spanning East Asia, North America, and Europe, and make it publicly available.

AB - As the Internet becomes an important part of the infrastructure our society depends on, it is crucial to construct networks that are able to work even when part of the network is compromised. This paper presents the first practical intrusion-tolerant network service, targeting high-value applications such as monitoring and control of global clouds and management of critical infrastructure for the power grid. We use an overlay approach to leverage the existing IP infrastructure while providing the required resiliency and timeliness. Our solution overcomes malicious attacks and compromises in both the underlying network infrastructure and in the overlay itself. We deploy and evaluate the intrusion-tolerant overlay implementation on a global cloud spanning East Asia, North America, and Europe, and make it publicly available.

KW - Intrusion Tolerance

KW - Overlay Networks

KW - Resilient Networks

UR - http://www.scopus.com/inward/record.url?scp=84985902372&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84985902372&partnerID=8YFLogxK

U2 - 10.1109/ICDCS.2016.99

DO - 10.1109/ICDCS.2016.99

M3 - Conference contribution

AN - SCOPUS:84985902372

T3 - Proceedings - International Conference on Distributed Computing Systems

SP - 45

EP - 56

BT - Proceedings - 2016 IEEE 36th International Conference on Distributed Computing Systems, ICDCS 2016

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 36th IEEE International Conference on Distributed Computing Systems, ICDCS 2016

Y2 - 27 June 2016 through 30 June 2016

ER -

Practical Intrusion-Tolerant Networks

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this