Online Faults/Attacks Detection and Recovery

G. Qu, S. Hariri, G. Sneij, and J. Jin (USA)

Keywords

online monitoring, attack detection, recovery

Abstract

The Internet has been growing at an amazing rate and concurrent with the growth, the vulnerability of the Internet is also increasing. Though the Internet has been designed to withstand various forms of failure, the intrusion tools and attacks are becoming increasingly sophisticated, exposing the Internet to new threats. To make networked systems reliable and robust it becomes highly essential to develop on-line monitoring, analysis, quantification of the behavior of networks under a wide range of faults/attacks and detection and recovery the network system from attacks/faults. In this paper, we present an agent-based architecture to detect and recover the system from network attacks/faults. Our approach is based on deploying software agents on selected routers, clients and servers to continuously monitor the vulnerability metrics that can be used to quantify the operational state of any network component (router, client, server, sub network). With the help of the proposed autonomous network attack defense system, we can fulfill (a) online modeling and profiling infrastructure vulnerability, (b) quick network attack source identification and (c) proactive self-healing of the network attack.

Important Links:



Go Back