TY - GEN
T1 - SGNET: A worldwide deployable framework to support the analysis of malware threat models
AU - Leita, Corrado
AU - Dacier, Marc
N1 - Generated from Scopus record by KAUST IRTS on 2022-09-12
PY - 2008/9/17
Y1 - 2008/9/17
N2 - The dependability community has expressed a growing interest in the recent years for the effects of malicious, external, operational faults in computing systems, ie. intrusions. The term intrusion tolerance has been introduced to emphasize the need to go beyond what classical fault tolerant systems were able to offer. Unfortunately, as opposed to well understood accidental faults, the domain is still lacking sound data sets and models to offer rationales in the design of intrusion tolerant solutions. In this paper, we describe a framework similar in its spirit to so called honey-farms but built in a way that makes its large-scale deployment easily feasible. Furthermore, it offers a very rich level of interaction with the attackers without suffering from the drawbacks of expensive high interaction systems. The system is described, a prototype is presented as well as some preliminary results that highlight the feasibility as well as the usefulness of the approach. © 2008 IEEE.
AB - The dependability community has expressed a growing interest in the recent years for the effects of malicious, external, operational faults in computing systems, ie. intrusions. The term intrusion tolerance has been introduced to emphasize the need to go beyond what classical fault tolerant systems were able to offer. Unfortunately, as opposed to well understood accidental faults, the domain is still lacking sound data sets and models to offer rationales in the design of intrusion tolerant solutions. In this paper, we describe a framework similar in its spirit to so called honey-farms but built in a way that makes its large-scale deployment easily feasible. Furthermore, it offers a very rich level of interaction with the attackers without suffering from the drawbacks of expensive high interaction systems. The system is described, a prototype is presented as well as some preliminary results that highlight the feasibility as well as the usefulness of the approach. © 2008 IEEE.
UR - http://ieeexplore.ieee.org/document/4555995/
UR - http://www.scopus.com/inward/record.url?scp=51549108952&partnerID=8YFLogxK
U2 - 10.1109/EDCC-7.2008.15
DO - 10.1109/EDCC-7.2008.15
M3 - Conference contribution
SN - 9780769531380
SP - 99
EP - 109
BT - Proceedings - 7th European Dependable Computing Conference, EDCC-7
ER -