Survivable Systems Project

Overview

We have successfully developed survivable database systems in our previous research. In this project, we extend our research to survivable networked information systems.

There are two research threads:

  1. As the first viable and maybe the most widely accepted and enforced proposal to effectively coordinate multiple, heterogeneous information resources and monitor the overall process in the execution of a business process, workflow management systems (WFMS) support a variety of real world applications. In this research, we will develop (a) survivable WFMS, and (b) the techniques to build survivable large scale distributed applications through survivable WFMS.
  2. Existing intrusion tolerance or attack response mechanisms are heavily dependent on the accuracy and timeliness of intrusion detection, and the intrusion detector is believed to be a key component that every survivable system must have. In this research, we try to develop good survivable systems that are not dependent on intrusion detection, or have much less dependence on intrusion detection (compared with existing survivable systems).

    In particular, we focus on both perfect and imperfect attack masking techniques where redundancy is smartly used to mask intrusions.

Papers

  1. M. Yu, P. Liu, W. Zang, Dependency Relation based Attack Recovery of Workflow Systems, Submitted for journal publication, 2004
  2. M. Yu, P. Liu, W. Zang, The Design, Implementation and Evaluation of a Self-Healing Workflow System Prototype, To be submitted for journal publication.

  3. M. Yu, P. Liu, W. Zang, Self Healing Workflow Systems under Attacks, Proc. 24th IEEE International Conference on Distributed Computing Systems (ICDCS’04) Tokyo, Japan, March 2004, pages 418-425.

    4.

  4. P. Liu, J. Jing, P. Luenam, Y. Wang, L. Li, S. Ingsriswang, The Design and Implementation of a Self-Healing Database System, Journal of Intelligent Information Systems, Accepted, in press

    5.

  5. M. Yu, P. Liu, W. Zang, A Practical Model for Performance Evaluation of Attack Recovery Systems -- PEARS, Technical Report, 2003

  6. M. Yu, P. Liu, W. Zang, Multi-Version Data Objects Based Attack Recovery of Workflows, Proc. 2003 Annual Computer Applications Security Conference (ACSAC'03).

  7. M. Yu, P. Liu, W. Zang, Intrusion Masking Operations among Replica Groups, Submitted for journal publication, 2003

People

Acknowledgements

 This research is partially supported by NSF CCR-0233324 and DARPA OASIS program