An intrusion-tolerant firewall design for protecting SIEM systems

Garcia, Miguel; Neves, Nuno; Bessani, Alysson

doi:10.1109/dsnw.2013.6615538

Cited by 6 publications

(3 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Such complex processing engines already exist as a research prototypes, i.e. Massif project [21,22,8], but also reached maturity level where they have been adopted by industry and deployed in production, including BeepBeep-3 [5], Apache Flink and Storm [3], SQLstream [36].…”

Section: Prilok Complex Event Processing Engine (Pcepe)mentioning

confidence: 99%

PriLok: Citizen-protecting distributed epidemic tracing

Esteves-Verissimo,

Decouchant,

Völp

et al. 2020

Preprint

View full text Add to dashboard Cite

Contact tracing is an important instrument for national health services to fight epidemics. As part of the COVID-19 situation, many proposals have been made for scaling up contact tracing capacities with the help of smartphone applications, an important but highly critical endeavour due to the privacy risks involved in such solutions. Extending our previously expressed concern, we clearly articulate in this article, the functional and non-functional requirements that any solution has to meet, when striving to serve, not mere collections of individuals, but the whole of a nation, as required in face of such potentially dangerous epidemics. We present a critical information infrastructure, PriLok, a fully-open preliminary architecture proposal and design draft for privacy-preserving digital contact tracing, which we believe can be constructed in a way to fulfil the former requirements. Our architecture leverages the existing regulated mobile communication infrastructure and builds upon the concept of "checks and balances", requiring a majority of independent players to agree to effect any operation on it, thus preventing abuse of the highly sensitive information that must be collected and processed for efficient contact tracing. This is technically enforced with a largely decentralised layout and highly resilient state-of-the-art technology, which we explain in the paper, finishing by giving a security, dependability and resilience analysis, showing how it meets the defined requirements, even while the infrastructure is under attack.

show abstract

Section: Prilok Complex Event Processing Engine (Pcepe)mentioning

confidence: 99%

PriLok: Citizen-protecting distributed epidemic tracing

Esteves-Verissimo,

Decouchant,

Völp

et al. 2020

Preprint

View full text Add to dashboard Cite

show abstract

“…Making security services intrusion tolerant has also been the subject of previous publications, mostly focussing on rewalls. Garcia et al propose such intrusion tolerant rewall for protecting SIEM systems [6]. Sousa et al [12] propose a self-healing intrusion tolerant rewall architecture for protecting critical infrastructures.…”

Section: Related Workmentioning

confidence: 99%

Towards intrusion-resilient security monitoring in multi-cloud infrastructures

Reiser

2017

Proceedings of the 1st International Workshop on Security and Dependability of Multi-Domain Infrastructures

View full text Add to dashboard Cite

Multi-cloud architectures enable the design of resilient distributed service applications. Such applications can bene t from a combination of intrusion-tolerant replication across clouds with intrusion detection and analysis mechanisms. Such mechanisms enable the detection of attacks that a ect multiple replicas and thus exceed the intrusion masking capability, and in addition support fast reaction and recovery from local intrusions. In this work-in-progress paper we present a security analysis on which an intrusion detection and analysis service can be based on. We sketch the architecture of such a cross-cloud intrusion detection architecture that combines a set of wellknown mechanisms. The goal of our approach is obtaining a resource-e cient service with optimal resilience against malicious attacks.

show abstract

“…Fault-tolerant protocols have been extensively used by distributed systems to provide robustness and high availability [42,55,61,82,94,131,180]. While cloud systems, such as Google's Spanner [82], Amazon's Dynamo [94], and Facebook's Tao [61], rely on crash fault-tolerant protocols, e.g., Paxos [149], to establish consensus, a Byzantine fault-tolerant (BFT) protocol is a key ingredient in distributed systems with non-trustworthy infrastructures, e.g., permissioned blockchains [1- 3, 24, 26, 28-30, 32, 44, 78, 115-117, 124, 147, 196, 203, 206] and even permissionless blockchains [62,139,141,167,230], distributed file systems [13,70,80], locking service [81], firewalls [53,111,112,202,213,228], certificate authority systems [234], SCADA systems [40,138,188,233], key-value datastores [51,98,114,127,202], and key management [170].…”

Section: Introductionmentioning

confidence: 99%

The Bedrock of Byzantine Fault Tolerance: A Unified Platform for BFT Protocol Design and Implementation

Amiri¹,

Wu²,

Agrawal³

et al. 2022

Preprint

View full text Add to dashboard Cite

Byzantine fault-tolerant protocols cover a broad spectrum of design dimensions from environmental setting on communication topology, to more technical features such as commitment strategy and even fundamental social choice related properties like order fairness. Designing and building BFT protocols remains a laborious task despite of years of intensive research. The proliferation of different BFT protocols has rendered it difficult to navigate BFT landscape, let alone determine the protocol that best meets application needs. This paper presents BEDROCK, a unified platform for BFT protocols design and implementation. BEDROCK exposes an API that presents a set of design choices capturing the trade-offs between different design space dimensions in BFT implementations. Based on user choices, BEDROCK then generates the BFT protocols within the space of plausible choices, evolves current protocols to generate new ones, and even uncovers previously unknown protocols. Our experimental results validate the capability of BEDROCK in deriving existing and new BFT protocols.

show abstract

An intrusion-tolerant firewall design for protecting SIEM systems

Cited by 6 publications

References 9 publications

PriLok: Citizen-protecting distributed epidemic tracing

PriLok: Citizen-protecting distributed epidemic tracing

Towards intrusion-resilient security monitoring in multi-cloud infrastructures

The Bedrock of Byzantine Fault Tolerance: A Unified Platform for BFT Protocol Design and Implementation

Contact Info

Product

Resources

About