Multi-version attack recovery for workflow systems

Meng Yu, Peng Liu, Wanyu Zang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

19 Citations (Scopus)

Abstract

Workflow systems are popular in daily business processing. Since vulnerabilities cannot be totally removed from a system, recovery from successful attacks is unavoidable. We focus on attacks that inject malicious tasks into workflow management systems. We introduce practical techniques for on-line attack recovery, which include rules for locating damage and rules for execution order. In our system, an independent intrusion detection system reports identified malicious tasks periodically. The recovery system detects all damage caused by the malicious tasks and automatically repairs the damage according to dependency relations. Without multiple versions of data objects, recovery tasks may be corrupted by executing normal tasks when we try to run damage analysis and normal tasks concurrently. We address the problem by introducing multiversion data objects to reduce unnecessary blocking of normal task execution and improve the performance of the whole system. We analyze the integrity level and performance of our system. The analytic results demonstrate guidelines for designing such kinds of systems.

Original languageEnglish (US)
Title of host publicationProceedings - 19th Annual Computer Security Applications Conference, ACSAC 2003
PublisherIEEE Computer Society
Pages142-150
Number of pages9
ISBN (Electronic)0769520413
DOIs
StatePublished - Jan 1 2003
Event19th Annual Computer Security Applications Conference, ACSAC 2003 - Las Vegas, United States
Duration: Dec 8 2003Dec 12 2003

Publication series

NameProceedings - Annual Computer Security Applications Conference, ACSAC
Volume2003-January
ISSN (Print)1063-9527

Other

Other19th Annual Computer Security Applications Conference, ACSAC 2003
CountryUnited States
CityLas Vegas
Period12/8/0312/12/03

Fingerprint

Recovery
Intrusion detection
Repair
Processing
Industry

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Software
  • Safety, Risk, Reliability and Quality

Cite this

Yu, M., Liu, P., & Zang, W. (2003). Multi-version attack recovery for workflow systems. In Proceedings - 19th Annual Computer Security Applications Conference, ACSAC 2003 (pp. 142-150). [1254319] (Proceedings - Annual Computer Security Applications Conference, ACSAC; Vol. 2003-January). IEEE Computer Society. https://doi.org/10.1109/CSAC.2003.1254319
Yu, Meng ; Liu, Peng ; Zang, Wanyu. / Multi-version attack recovery for workflow systems. Proceedings - 19th Annual Computer Security Applications Conference, ACSAC 2003. IEEE Computer Society, 2003. pp. 142-150 (Proceedings - Annual Computer Security Applications Conference, ACSAC).
@inproceedings{650a01fbef5441478b446403cace32cb,
title = "Multi-version attack recovery for workflow systems",
abstract = "Workflow systems are popular in daily business processing. Since vulnerabilities cannot be totally removed from a system, recovery from successful attacks is unavoidable. We focus on attacks that inject malicious tasks into workflow management systems. We introduce practical techniques for on-line attack recovery, which include rules for locating damage and rules for execution order. In our system, an independent intrusion detection system reports identified malicious tasks periodically. The recovery system detects all damage caused by the malicious tasks and automatically repairs the damage according to dependency relations. Without multiple versions of data objects, recovery tasks may be corrupted by executing normal tasks when we try to run damage analysis and normal tasks concurrently. We address the problem by introducing multiversion data objects to reduce unnecessary blocking of normal task execution and improve the performance of the whole system. We analyze the integrity level and performance of our system. The analytic results demonstrate guidelines for designing such kinds of systems.",
author = "Meng Yu and Peng Liu and Wanyu Zang",
year = "2003",
month = "1",
day = "1",
doi = "10.1109/CSAC.2003.1254319",
language = "English (US)",
series = "Proceedings - Annual Computer Security Applications Conference, ACSAC",
publisher = "IEEE Computer Society",
pages = "142--150",
booktitle = "Proceedings - 19th Annual Computer Security Applications Conference, ACSAC 2003",
address = "United States",

}

Yu, M, Liu, P & Zang, W 2003, Multi-version attack recovery for workflow systems. in Proceedings - 19th Annual Computer Security Applications Conference, ACSAC 2003., 1254319, Proceedings - Annual Computer Security Applications Conference, ACSAC, vol. 2003-January, IEEE Computer Society, pp. 142-150, 19th Annual Computer Security Applications Conference, ACSAC 2003, Las Vegas, United States, 12/8/03. https://doi.org/10.1109/CSAC.2003.1254319

Multi-version attack recovery for workflow systems. / Yu, Meng; Liu, Peng; Zang, Wanyu.

Proceedings - 19th Annual Computer Security Applications Conference, ACSAC 2003. IEEE Computer Society, 2003. p. 142-150 1254319 (Proceedings - Annual Computer Security Applications Conference, ACSAC; Vol. 2003-January).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Multi-version attack recovery for workflow systems

AU - Yu, Meng

AU - Liu, Peng

AU - Zang, Wanyu

PY - 2003/1/1

Y1 - 2003/1/1

N2 - Workflow systems are popular in daily business processing. Since vulnerabilities cannot be totally removed from a system, recovery from successful attacks is unavoidable. We focus on attacks that inject malicious tasks into workflow management systems. We introduce practical techniques for on-line attack recovery, which include rules for locating damage and rules for execution order. In our system, an independent intrusion detection system reports identified malicious tasks periodically. The recovery system detects all damage caused by the malicious tasks and automatically repairs the damage according to dependency relations. Without multiple versions of data objects, recovery tasks may be corrupted by executing normal tasks when we try to run damage analysis and normal tasks concurrently. We address the problem by introducing multiversion data objects to reduce unnecessary blocking of normal task execution and improve the performance of the whole system. We analyze the integrity level and performance of our system. The analytic results demonstrate guidelines for designing such kinds of systems.

AB - Workflow systems are popular in daily business processing. Since vulnerabilities cannot be totally removed from a system, recovery from successful attacks is unavoidable. We focus on attacks that inject malicious tasks into workflow management systems. We introduce practical techniques for on-line attack recovery, which include rules for locating damage and rules for execution order. In our system, an independent intrusion detection system reports identified malicious tasks periodically. The recovery system detects all damage caused by the malicious tasks and automatically repairs the damage according to dependency relations. Without multiple versions of data objects, recovery tasks may be corrupted by executing normal tasks when we try to run damage analysis and normal tasks concurrently. We address the problem by introducing multiversion data objects to reduce unnecessary blocking of normal task execution and improve the performance of the whole system. We analyze the integrity level and performance of our system. The analytic results demonstrate guidelines for designing such kinds of systems.

UR - http://www.scopus.com/inward/record.url?scp=84944718313&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84944718313&partnerID=8YFLogxK

U2 - 10.1109/CSAC.2003.1254319

DO - 10.1109/CSAC.2003.1254319

M3 - Conference contribution

AN - SCOPUS:84944718313

T3 - Proceedings - Annual Computer Security Applications Conference, ACSAC

SP - 142

EP - 150

BT - Proceedings - 19th Annual Computer Security Applications Conference, ACSAC 2003

PB - IEEE Computer Society

ER -

Yu M, Liu P, Zang W. Multi-version attack recovery for workflow systems. In Proceedings - 19th Annual Computer Security Applications Conference, ACSAC 2003. IEEE Computer Society. 2003. p. 142-150. 1254319. (Proceedings - Annual Computer Security Applications Conference, ACSAC). https://doi.org/10.1109/CSAC.2003.1254319