QIN Junning,HAN Jiajia,ZHOU Sheng,WU Chunming,CHEN Shuangxi,ZHAO Ruoyan,ZHANG Jiangyu

DOI: https://doi.org/10.11959/j.issn.1000-0801.2020143

2020-01-01

Abstract:The unbalanced development status of network security was introduced.The main hazards and the mechanism model of penetration testing were described,and the inherent shortcomings of many existing traditional defense methods were analyzed.However,new method of the mimic defense model makes the attack information obtained invalid by dynamically selecting the executive set and adaptively changing the system composition.The same attack mode is difficult to be maintained or reproduced.Based on the attack chain model,the traditional defensetechnology and mimic defense technology were analyzed and compared,and it was demonstrated that it had a protective role in multiple stages of the attack chain.Finally,the effectiveness and superiority of the mimic defense was verified by experiments,and the model was summarized and prospected.

Bo Mei,Zhengbin Zhu,Peijie Li,Bo Zhao

DOI: https://doi.org/10.1049/2024/2023349

2024-04-12

IET Information Security

Abstract:System on Wafer (SoW) based on chiplets may be implanted with hardware Trojans (HTs) by untrustworthy third-party chiplet vendors. However, traditional HTs protection techniques cannot guarantee complete protection against HTs, which poses a great challenge to the hardware security of SoW. In this paper, we propose a computing architecture based on endogenous security theory—dynamic heterogeneous redundant computing architecture (DHRCA) that can tolerate and detect HTs at runtime. The security of our approach is analyzed by building a generalized stochastic coloring petri net (GSCPN) model of DHRCA. The simulation results based on the GSCPN model show that our method can improve the system security probability to 0.8690 and the system availability probability to 0.9750 in the steady state compared with typical triple-mode redundancy and runtime monitoring methods. Furthermore, the impact of different attack and defense strategies on system security of different methods is simulated and analyzed in this paper.

computer science, information systems, theory & methods

Xing Gao,Ming-Hong Liao,Xiang-Hu Wu,Chao-Yong Li

DOI: https://doi.org/10.1108/00022660910926863

2009-01-01

Abstract:PurposeThe purpose of this paper is to present a novel algorithm to handle space environment induced errors in the space‐robot software.Design/methodology/approachThe radiations in outer space may induce transient errors in micro‐processors, this phenomena will make software behavior unpredictable, and the existing software fault tolerance methods have been restricted in non‐multi‐threaded operation systems, non‐component‐based frameworks, non‐cacheable micro‐processors, non‐distributed environments, etc. A software model for space‐robot software, based on adaptive redundancy, is developed and a corresponding run‐time error detection algorithm is presented in this paper. Software was monitored and run‐time transient error would be detected and processed.FindingsExperiments indicate that this method introduces about 30‐35 percent time overhead and about 200‐230 percent memory overhead. It also increases the fault detection rate to 84‐92.5 percent. Moreover, the model and algorithm is effective in a realistic space robot environment.Originality/valueA redundancy model is developed and an error detection algorithm is introduced in this paper. Experiments demonstrate it can provide space‐robot software with good protection against the radiation induced transient errors.

杨仕平,桑楠,吴新勇,熊光泽

DOI: https://doi.org/10.3321/j.issn:1001-506x.2004.02.038

2004-01-01

Abstract:To improve the dependability of safety critical systems, after analyzing status quo of high dependable safeguard mechanism, an integrated high dependable safeguard systematic framework where several subsystems share the same system resources is proposed. However, the deleterious interferences among subsystems with different level of criticality must be avoided, for example, the residual design faults in low criticality software can not corrupt high criticality components. To resolve this problem, the multilevel security safeguard mechanisms used in information security domain are firstly analyzed. Following this, some safety access control rules abided by subsystems cooperating each another are proposed. To implement these rules, the reflective technology based on metaobject is adopted. About how to apply reflective technology to implement these rules is analyzed in details. At last, the result of experiment is supplied, and the related work and future trends of research in this field are listed.

Han Jin,Zang Binyu

DOI: https://doi.org/10.3969/j.issn.1000-386X.2010.09.086

2010-01-01

Abstract:Principal working theory of mainstream intrusion detection system is that to compare the outcomes of two softwares with similar functions when tackling the same input and to determine one of them has or has not been intruded by malicious software based on the differences of their outcomes.When these replicas are constructed using off-the-shelf software products,it is assumed that they are sufficiently diverse and will not be compromised simultaneously under the attack from same malicious software.In this paper,we analyzed 6000 or more vulnerabilities published in 2007 to evaluate the validity of this assumption.Analytical results demonstrate that about 98% or more application software with same functions can be used to form the intrusion detection system of such kind effectively,and almost half of these applications can be run on multiple operating system platform simultaneously for improving system security effectually.

Jingjing Hu,Yu Li,Zhaozhao Li,Qinrang Liu,Jiangxing Wu

DOI: https://doi.org/10.1109/tnsm.2024.3387725

2024-01-01

IEEE Transactions on Network and Service Management

Abstract:The Dynamic Heterogeneous Redundancy (DHR) architecture presents a novel approach to system design and organization, aiming to enhance system security by integrating dynamicity and heterogeneity into its structure. Despite its practical efficacy, the theoretical underpinnings elucidating the mechanisms through which DHR enhances security remain unestablished. This study endeavors to bridge this gap by conducting a theoretical analysis and modeling of the DHR architecture, focusing on its intrinsic characteristics and their implications for system security. Employing static game theory, our research uncovers the unique Nash equilibrium within DHR architecture. Expanding upon this mathematical framework, we delve into how factors such as dynamicity, heterogeneity, and failure rates influence these equilibria, subsequently shaping system security. To validate our findings, we conduct a case study involving a triply redundant DHR system and simulate the offense-defense interplay using the Adam optimization algorithm within boundedly rational static games. Our results affirm the variations in system security under diverse initial conditions and model states, thereby establishing a robust theoretical foundation for DHR architectures and laying the groundwork for their broader comprehension and application across various domains.

Xiaohua Li,Gang Wang,Lin Xiao,Maosheng Ding

DOI: https://doi.org/10.1109/TDC.2005.1547134

2005-01-01

Abstract:This paper gives a new more practical software reliability model based on architectures of software components. This model uses semi-Markov chain and can give the quantitative evaluation about the digital protection's software. It analyzes the relation between the material architecture of software's modules and the reliability of software, then changes the model into a semi-Markov one based on the architecture of software's modules. Besides having the characters of the former model, this one have the ability to emulate the reliability in the situation which is the software having complex architecture or the system having the capability about paratactic calculating. Furthermore, the variable parameter method is used to study the sensitivity in order to find the vital factors of reliability. An example is given to demo the proposed techniques. The calculation results prove that the algorithm is viable. © 2005 IEEE.

杨仕平,熊光泽,桑楠

DOI: https://doi.org/10.3321/j.issn:0372-2112.2003.08.028

2003-01-01

Tien Tzu Hsueh Pao/Acta Electronica Sinica

Abstract:After analyzing status quo of high dependability safeguard mechanism, an integrated high dependability safeguard systematic framework supporting multilevel criticality in which several subsystems share the same system resources is brought forward. In order to avoid deleterious interferences between subsystems with different criticality, a kind of high dependability temporal isolation mechanism based on two level scheduling approach is brought forward. In order to realize this mechanism, integrated high dependability safeguard mechanism supporting multilevel criticality based on single node computer is emphatically researched. The scheduling model is constructed. The schedulability of tasks and subsystems are analyzed. The correctness of time isolation mechanism is proved by several samples. The conclusion of researching on high dependability safeguard may be applied to the other no safety-related areas, and has great practicability.

ZHANG Yu,HE Tao

DOI: https://doi.org/10.3969/j.issn.1671-0428.2011.03.023

IF: 5.105

2011-01-01

Computers & Security

Abstract:This paper describes the reliability of software based on relex2008,establishment of fault tree and analysis of single system reliability of electric switch machines.The reliability and safety index of the Dual module hot stand-by,Triple Modular Redundancy and Double 2-vote-2 redundant structure system made of different tolerant structure are analyzed and compared.The results show that the Double 2-vote-2 redundant system is more security and can largely reduce the risk of the probability of occurrence in order to ensure traffic safety.

Sufyan Samara,Yuhong Zhao,Franz J. Rammig

DOI: https://doi.org/10.1007/978-3-642-15234-4_11

2010-01-01

Abstract:This paper presents a novel flexible, dependable, and reliable operating system design for distributed reconfigurable system on chip. The dependability and reliability are achieved by integrating online model checking technique. Each OS service has different implementations which are further partitioned into small blocks. This operating system design allows the OS service to be adapted at runtime according to the given resource requirements and response time. Such adaptable services may be required by real time safety-critical applications. The flexibility introduced in executing adaptable OS services also gives rise to a potential safety problem. Thus, online model checking is integrated to the operating system so as to improve the dependability, reliability, and fault tolerance of these adaptable OS services.

Bo Yang,Min Xie

DOI: https://doi.org/10.1109/PRDC.1999.816215

1999-01-01

Abstract:For many safety critical systems, redundancy is the only acceptable method to achieve high operational reliability as individual modules can hardly be certified to have reached that level. When limited resources are available in the testing of a redundant software system, it is important to allocate the testing-time efficiently so that the maximum reliability of the complete system is achieved. In this paper, this problem is investigated in detail. A general formulation is presented and a specific case is used to illustrate the procedure. The case where individual module reliability requirements are given is also considered.

Wang Wei,Yin Jun,Zhang Mei-jie

DOI: https://doi.org/10.1109/iccsnt.2011.6182273

2012-01-01

Abstract:The digital circuit system base on SRAM-based FPGA is easy to encounter single event radiation effects in the high intensity radiation situation, which may result in many instantaneous or permanent faults. Redundant design is effective method to reduce the problem. The ability and reliability of overcoming the Single Event Effects of various redundant design methods, Triple Modular Redundancy (TMR) method and Partial Reconfiguration (PR) method were analyzed in this paper.

Mengmeng Ge,Huy Kang Kim,Dong Seong Kim

DOI: https://doi.org/10.48550/arXiv.1705.00128

2017-04-29

Abstract:In most of modern enterprise systems, redundancy configuration is often considered to provide availability during the part of such systems is being patched. However, the redundancy may increase the attack surface of the system. In this paper, we model and assess the security and capacity oriented availability of multiple server redundancy designs when applying security patches to the servers. We construct (1) a graphical security model to evaluate the security under potential attacks before and after applying patches, (2) a stochastic reward net model to assess the capacity oriented availability of the system with a patch schedule. We present our approach based on case study and model-based evaluation for multiple design choices. The results show redundancy designs increase capacity oriented availability but decrease security when applying security patches. We define functions that compare values of security metrics and capacity oriented availability with the chosen upper/lower bounds to find design choices that satisfy both security and availability requirements.

Cryptography and Security

Yanyan Shen,Gernot Heiser,Kevin Elphinstone

DOI: https://doi.org/10.1109/dsn.2019.00031

2019-01-01

Abstract:High availability and integrity are paramount in systems deployed in life-and mission-critical scenarios. Such fault-tolerance can be achieved through redundant co-execution (RCoE) on replicated hardware, now cheaply available with multicore processors. RCoE replicates almost all software, including OS kernel, drivers, and applications, achieving a sphere of replication that covers everything except the minimal interfaces to non-replicated peripherals. We complement our original, loosely-coupled RCoE with a closely-coupled version that improves transparency of replication to application code, and investigate the functionality, performance and vulnerability trade-offs.

Yuxia Cheng,Qing Wu,Wenzhi Chen,Bei Wang

DOI: https://doi.org/10.1016/j.jpdc.2018.07.014

IF: 4.542

2018-01-01

Journal of Parallel and Distributed Computing

Abstract:Transmissible cyber threats have become one of the most serious security issues in cyberspace. Many techniques have been proposed to model, simulate and identify threats’ sources and their propagation in large-scale distributed networks. Most techniques are based on the analysis of real networks dataset that contains sensitive information. Traditional in-memory analysis of these dataset often causes data leakage due to system vulnerabilities. If the dataset itself is compromised by adversaries, this threat cost would be even higher than the threat being analysed. In this paper, we propose a new distributed shielded execution framework (Disef) for cyber threats analysis. The Disef framework enables efficient distributed analysis of network dataset while achieves security guarantees of data confidentiality and integrity. In-memory dataset is protected by using a new encrypted key–value format and could be efficiently transferred into Intel SGX enabled enclaves for shielded execution. Our experimental results showed that the proposed framework supports secure in-memory analysis of large network dataset and has comparable performance with systems that have no confidentiality and integrity guarantees.

Heping Jia,Yi Ding,Rui Peng

DOI: https://doi.org/10.1109/icsrs.2018.8688837

2018-01-01

Abstract:With the deep integration of cyber physical systems, data storage systems might suffer from both physical failures and cyber attacks which significantly impact the systems' reliability. The data can be partitioned into several data parts to enhance data security and multiple replications can be created for each data part in the storage systems. In this paper, both the failures of data storage devices and cyber attacks including data theft and data corruption are considered in the proposed system model. Moreover, the multi-valued decision diagram (MDD) technique is developed for considering chronological characteristics of sequential events to achieve the quantitative reliability assessment. A numerical example is provided to validate the proposed model and method.

LIU Sen-sen,CHEN Wei-hua,JIANG Quan-yuan

DOI: https://doi.org/10.3785/j.issn.1008-973x.2009.03.036

2009-01-01

Abstract:The risk theory was applied to static security analysis of power system,and a power system risk model with obvious parallel processing was built.A novel parallel processing approach of risk assessment of power system was presented based on the parallel model.The approach was implemented by PC cluster.In the implementation of specific parallel computing,the PC cluster technology was used.The New England 10-machine 39-node system was used to verify power system static security risk assessment methodology based on parallel computing.System's N-1 breaking accidents were used as the system's expected accident set.The risk of line power overload and that of bus low voltage were used as the two risk indicators to describe static security.The performance of parallel computing algorithm based on indicators and that of parallel computing algorithm based on static incidents allocation were compared.

Wei Wang,Guangsong Li,Keke Gai,Yazhe Tang,Benchao Yang,Xueming Si

DOI: https://doi.org/10.1002/CPE.6035

2022-01-01

Concurrency and Computation: Practice and Experience

Abstract:With the development and popularization of Internet technology, network security has become the focus of attention. Vulnerabilities and back doors are regarded as two of the main reasons of network security problems. Dynamic heterogeneous redundant (DHR) architecture is a typical framework of cyberspace mimic defense. It can make use of untrusted hardware and software components to construct a high reliable and high security information system. In this article, a mathematical model is set up for the DHR architecture, and the system security is characterized by vulnerability consistency rate and success rate of system attack. The antiattack ability of the DHR system is analyzed using the mathematical model.

Gui-Bao Wang,Hong-Zhong Huang,Lian-Sheng Sun

2009-01-01

Eksploatacja i Niezawodnosc - Maintenance and Reliability

Abstract:Engineering practices with various redundancies increase the availability of a system as well as complexity which bring the uncertainty of reliability estimation and failure detection of system components. Under such conditions, a configuration redundancy system is studied and the reliability function of the system is formulated. When no prior failure of System components is available, failure problem of system is a stochastic shortest path problem. Meanwhile to eliminate the uncertainty of system, it is necessary to detect failures series of components. The expected shortest path model and failure detecting model are proposed for system reliability optimization. The Cross-Entropy (CE) method is applied as a heuristic algorithm to estimate the system reliability and detect the failure of components. A stochastic sample generating approach is designed to obtain some valid samples. In order to improve the efficiency of computing, a hybrid CE algorithm which combines the stochastic sample generating approach and the CE method is developed. Numerical results indicate potential improvements in reliability allocation of complex systems that would lead to the best performances of all system components.

Cheng-Jie Xiong,Yan-Fu Li,Min Xie,Szu-Hui Ng,Thong-Ngee Goh

DOI: https://doi.org/10.1007/978-3-642-10619-4_38

2009-01-01

Abstract:Distributed systems are widely deployed in industries where high computational capability and low cost are required. Distributed software architecture is very important in the distributed system. However, since most distributed systems are designed based on a network structure, distributed software is very vulnerable to malware attacks. Due to the popularity of distributed system, it is vital to study the effects of malware attack on distributed systems. In this paper, we studied the malware attack behaviors by a Markov process model. The states of the object homogeneous distributed system can be derived by analyzing the Markov model, with which the service reliability and service availability can be further obtained. An illustrative demonstration is also presented.