XLRF: A cross-layer intrusion recovery framework for damage assessment and recovery plan generation

Eunjung Yoon, Peng Liu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Scopus citations

Abstract

Recovering mission-critical systems from intrusion is very challenging, where fast and accurate damage assessment and recovery is vital to ensure business continuity. Existing intrusion recovery approaches mostly focus on a single abstraction layer. OS-level recovery cannot fully meet the correctness criteria defined by business process semantics, while business-workflow-level recovery usually results in non-executable recovery plans. In this paper, we propose a cross-layer recovery framework, called XLRF, for fast and effective post-intrusion diagnosis and recovery of compromised systems using the dependencies captured at different levels of abstraction: the business workflow level and the OS level. The goal of our approach is two-fold: first, to bridge the semantic gap between workflow-level and system-level recovery, thus enabling comprehensive intrusion analysis and recovery; second, to automate damage assessment and recovery plan generation, thus expediting the recovery process, an otherwise time-consuming and error-prone task.

Original language: English (US)
Title of host publication: Information and Communications Security - 15th International Conference, ICICS 2013, Proceedings
Pages: 194-212
Number of pages: 19
State: Published - Dec 1 2013
Event: 15th International Conference on Information and Communications Security, ICICS 2013 - Beijing, China
Duration: Nov 20 2013 to Nov 22 2013

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 8233 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Other

Other: 15th International Conference on Information and Communications Security, ICICS 2013
Country/Territory: China
City: Beijing
Period: 11/20/13 to 11/22/13

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science (all)
