This letter proposes a novel intrusion tolerant system consisting of several virtual machines (VMs) that refresh the target system periodically and by live migration, which monitors the many features of the VMs to identify and replace exhausted VMs. The proposed scheme provides adequate performance and dependability against denial of service (DoS) attacks. To show its efficiency and security, we conduct experiments on the CSIM20 simulator, which showed 22% improvement in a normal situation and approximately 77.83% improvement in heavy traffic in terms of the response time compared to that reported in the literature. We measure and compare the response time. The result show that the proposed scheme has shorter response time and maintains than other systems and supports services during the heavy traffic.
Yongjoo SHIN
Korea Advanced Institute of Science and Technology
Sihu SONG
Korea Advanced Institute of Science and Technology
Yunho LEE
SeoulTech
Hyunsoo YOON
Korea Advanced Institute of Science and Technology
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Yongjoo SHIN, Sihu SONG, Yunho LEE, Hyunsoo YOON, "A Novel Intrusion Tolerant System Using Live Migration" in IEICE TRANSACTIONS on Information,
vol. E97-D, no. 4, pp. 984-988, April 2014, doi: 10.1587/transinf.E97.D.984.
Abstract: This letter proposes a novel intrusion tolerant system consisting of several virtual machines (VMs) that refresh the target system periodically and by live migration, which monitors the many features of the VMs to identify and replace exhausted VMs. The proposed scheme provides adequate performance and dependability against denial of service (DoS) attacks. To show its efficiency and security, we conduct experiments on the CSIM20 simulator, which showed 22% improvement in a normal situation and approximately 77.83% improvement in heavy traffic in terms of the response time compared to that reported in the literature. We measure and compare the response time. The result show that the proposed scheme has shorter response time and maintains than other systems and supports services during the heavy traffic.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.E97.D.984/_p
Copy
@ARTICLE{e97-d_4_984,
author={Yongjoo SHIN, Sihu SONG, Yunho LEE, Hyunsoo YOON, },
journal={IEICE TRANSACTIONS on Information},
title={A Novel Intrusion Tolerant System Using Live Migration},
year={2014},
volume={E97-D},
number={4},
pages={984-988},
abstract={This letter proposes a novel intrusion tolerant system consisting of several virtual machines (VMs) that refresh the target system periodically and by live migration, which monitors the many features of the VMs to identify and replace exhausted VMs. The proposed scheme provides adequate performance and dependability against denial of service (DoS) attacks. To show its efficiency and security, we conduct experiments on the CSIM20 simulator, which showed 22% improvement in a normal situation and approximately 77.83% improvement in heavy traffic in terms of the response time compared to that reported in the literature. We measure and compare the response time. The result show that the proposed scheme has shorter response time and maintains than other systems and supports services during the heavy traffic.
},
keywords={},
doi={10.1587/transinf.E97.D.984},
ISSN={1745-1361},
month={April},}
Copy
TY - JOUR
TI - A Novel Intrusion Tolerant System Using Live Migration
T2 - IEICE TRANSACTIONS on Information
SP - 984
EP - 988
AU - Yongjoo SHIN
AU - Sihu SONG
AU - Yunho LEE
AU - Hyunsoo YOON
PY - 2014
DO - 10.1587/transinf.E97.D.984
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E97-D
IS - 4
JA - IEICE TRANSACTIONS on Information
Y1 - April 2014
AB - This letter proposes a novel intrusion tolerant system consisting of several virtual machines (VMs) that refresh the target system periodically and by live migration, which monitors the many features of the VMs to identify and replace exhausted VMs. The proposed scheme provides adequate performance and dependability against denial of service (DoS) attacks. To show its efficiency and security, we conduct experiments on the CSIM20 simulator, which showed 22% improvement in a normal situation and approximately 77.83% improvement in heavy traffic in terms of the response time compared to that reported in the literature. We measure and compare the response time. The result show that the proposed scheme has shorter response time and maintains than other systems and supports services during the heavy traffic.
ER -