Availability-sensitive intrusion recovery

Shengzhi Zhang, Xi Xiong, Xiaoqi Jia, Peng Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations

Abstract

A system-wide comprehensive cleaning is the primary goal of intrusion recovery. However, the diversity of the vulnerabilities, the creativity of the attackers and the complexity of system contribute to the difficulty of 'sweeping the footprint' of attacks. In this paper, we propose a VM-based intrusion recovery architecture with more concerns on service availability and continuity. Integrating the state of art techniques such as backtracking, cross-layer damage assessment and heterogeneous VM migration, our system can comprehensively sweep out the footprint of intrusion while providing desired service availability and continuity.

Original languageEnglish (US)
Title of host publicationProceedings of the 1st ACM Workshop on Virtual Machine Security, VMSec '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09
Pages43-48
Number of pages6
DOIs
StatePublished - Dec 1 2009
Event1st ACM Workshop on Virtual Machine Security, VMSec '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09 - Chicago, IL, United States
Duration: Nov 9 2009Nov 13 2009

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221

Other

Other1st ACM Workshop on Virtual Machine Security, VMSec '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09
CountryUnited States
CityChicago, IL
Period11/9/0911/13/09

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Availability-sensitive intrusion recovery'. Together they form a unique fingerprint.

Cite this