In this paper, we describe and analyze the hypothesis about intrusiontolerance software system, so that it can provide an intended server capability and deal with theimpacts caused by the intruder exploiting the inher...In this paper, we describe and analyze the hypothesis about intrusiontolerance software system, so that it can provide an intended server capability and deal with theimpacts caused by the intruder exploiting the inherent security vulnerabilities. Wepresent someintrusion tolerance technology by exploiting N-version module threshold method in constructingmultilevel secure software architecture, by detecting with hash value, by placing an 'antigen' wordnext to the return address on the stack thatis similar to human immune system, and by adding 'Honeycode' nonfunctional code to disturb intruder, so that the security and the availability of thesoftware system are ensured.展开更多
基金Supported by the National Natural Science Foun dation of China (90104005,60373087, 60473023),the Ph. D Pro grams Foundation of Ministry of Education of China(20020486046)
文摘In this paper, we describe and analyze the hypothesis about intrusiontolerance software system, so that it can provide an intended server capability and deal with theimpacts caused by the intruder exploiting the inherent security vulnerabilities. Wepresent someintrusion tolerance technology by exploiting N-version module threshold method in constructingmultilevel secure software architecture, by detecting with hash value, by placing an 'antigen' wordnext to the return address on the stack thatis similar to human immune system, and by adding 'Honeycode' nonfunctional code to disturb intruder, so that the security and the availability of thesoftware system are ensured.
