Open Access  Subscription or Fee Access

The main objective of this project is to provide services and randomize the intrusion tolerance in both LAN and WAN networks. Intrusion into a part of the system should give access only to non-significant information, intrusion-tolerant spread systems, there is an necessary predicament: consent Existing Protocols only Behavior-based (or anomaly detection) systems Knowledge-based (or misuse detection) systems. This paper describes the implementation of a stack of randomized intrusion-tolerant protocols and evaluates their performance under different fault masses .One of the main purposes is to explain that randomization can be efficient and should be regarded as a valid solution for practical intrusion tolerant distributed systems. The paper has two main contributions: (1) it presents the design and implementation of a stack of randomized intrusion tolerant protocols, discussing several optimizations – to the best of our knowledge, the achievement of a stack with the four structural properties above is novel; (2) it provides a detailed evaluation of RITAS in both LAN and WAN settings, showing that it has motivating latency and throughput values. Randomization is only one of the techniques that can be used to circumvent the FLP impracticality result. Other techniques include malfunction detectors, unfinished synchrony and circulated wormholes. Some of these techniques have been employed in the past to build other intrusion-tolerant protocol suites.

Randomized Protocols.

S. Fraga and D. Powell, “A fault- and intrusion-tolerant file system,” in Proceedings of the 3rd International Conference on Computer Security, Aug. 1985, pp. 203–218.

A. Avizienis, J.-C. Laprie, B. Randell, and C. Landwehr, “Basic conceptsand taxonomy of dependable and secure computing,” IEEE Transactions on Dependable and Secure Computing, vol. 1, no. 1, pp. 11–33, Jan.-Mar. 2004.

P. E. Verissimo, N. F. Neves, and M. P. Correia, “Intrusion-tolerantarchitectures: Concepts and design,” in Architecting Dependable Systems,ser. Lecture Notes in Computer Science, R. Lemos, C. Gacek,and A. Romanovsky, Eds. Springer-Verlag, 2003, vol. 2677.

F. B. Schneider, “Implementing faul-tolerant services using the state machine approach: A tutorial,” ACM Computing Surveys, vol. 22, no. 4,pp. 299–319, Dec. 1990.

R. Guerraoui and A. Schiper, “The generic consensus service,” IEEE Transactions on Software Engineering, vol. 27, no. 1, pp. 29–41, Jan.2001.

V. Hadzilacos and S. Toueg, “A modular approach to fault-tolerant broadcasts and related problems,” Cornell University, Department of Computer Science, Tech. Rep. TR94-1425, May 1994.

M. Correia, N. F. Neves, and P. Verssimo, “From consensus to atomic broadcast: Time-free Byzantine-resistant protocols without signatures,” The Computer Journal, vol. 41, no. 1, pp. 82–96, Jan. 2006.

M. J. Fischer, N. A. Lynch, and M. S. Paterson, “Impossibility of distributed consensus with one faulty process,” Journal of the ACM, vol. 32, no. 2, pp. 374–382, Apr. 1985.

C. Dwork, N. Lynch, and L. Stockmeyer, “Consensus in the presence of partial synchrony,” Journal of the ACM, vol. 35, no. 2, pp. 288–323, Apr. 1988.

D. Dolev, C. Dwork, and L. Stockmeyer, “On the minimal synchronism needed for distributed consensus,” Journal of the ACM, vol. 34, no. 1,pp. 77–97, Jan. 1987.

T. Chandra and S. Toueg, “Unreliable failure detectors for reliable distributed systems,” Journal of the ACM, vol. 43, no. 2, pp. 225–267,Mar. 1996.

D. Malkhi and M. Reiter, “Unreliable intrusion detection in distributed computations,” in Proceedings of the 10th Computer Security Foundations Workshop, June 1997, pp. 116–124.

K. P. Kihlstrom, L. E. Moser, and P. M. Melliar-Smith, “Byzantine fault detectors for solving consensus,” The Computer Journal, vol. 46, no. 1,pp. 16–35, Jan. 2003.

N. F. Neves, M. Correia, and P. Verissimo, “Solving vector consensuswith a wormhole,” IEEE Transactions on Parallel and Distributed Systems, vol. 16, no. 12, Dec. 2005.

M. Ben-Or, “Another advantage of free choice: Completely asynchronous agreement protocols,” in Proceedings of the 2nd ACM Symposium on Principles of Distributed Computing, Aug. 1983, pp. 27–30.

M. O. Rabin, “Randomized Byzantine generals,” in Proceedings of the 24th Annual IEEE Symposium on Foundations of Computer Science, Nov. 1983, pp. 403–409.

C. Cachin, K. Kursawe, and V. Shoup, “Random oracles in Contanstinople: Practical asynchronous Byzantine agreement using cryptography, “in Proceedings of the 19th ACM Symposium on Principles of Distributed Computing, July 2000, pp. 123–132.

C. Cachin and J. A. Poritz, “Secure intrusion-tolerant replication on the Internet,” in Proceedings of the International Conference on Dependable Systems and Networks, June 2002, pp. 167–176.

H. Moniz, M. Correia, N. F. Neves, and P. Verissimo, “Experimental comparison of local and shared coin randomized consensus protocols,” in Proceedings of the 25th IEEE Symposium on Reliable Distributed Systems (SRDS’06), Oct. 2006, pp. 235–244.

R. Friedman, A. Mostefaoui, and M. Raynal, “Simple and efficient oracle-based consensus protocols for asynchronous byzantine systems,”