Hierarchical Adaptive Control for QoS Intrusion Tolerance
HACQIT aims to 1) deliver critical user services for four hours while under active attack with no more than 25% degradation in user performance; 2) build a working prototype "system" while concentrating resources on new capabilities and minimizing unnecessary duplication; 3) understand the "design space" of intrusion tolerant systems designed for real-world use with commercial-off-the-shelf (COTS) and government-off-the-shelf (GOTS) hardware and software.
A phased approach will be used.
Phase 1: 1) Build a series of demo prototypes and explore the design space. 2) Analyze more formal models. 3) Refine the architecture and implementation plan.
Phase 2: 1) Incrementally deliver new capabilities. 2) Add more types of critical applications. 3) Continue analysis of more formal models. 4) Validate via Internet exposure, Red Team exercises, new attacks, and analysis.
Intrusion tolerant architecture that stops many common attacks while still allowing access to critical services
Specification-based approach to defining the proper behavior of HACQIT components
Rapid failover of applications via a process-pair architecture with a time delay between the primary and the backup, so that a single malicious input cannot bring down both replicas (averting common-mode failures)
Random rejuvenation at various levels
Forensics and learning to stop unknown attacks
Execution monitoring (or plan checking) approach
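As an added illustration of the delayed process pair and of backup rejuvenation listed above (example code, not from the HACQIT project): a simulation in which the primary handles each request immediately while the backup replays the same stream a fixed number of requests later. `Service`, `DelayedPair`, the length-limit "crash" that stands in for a memory-corruption bug, and the request stream are all constructed for the example; the delay is counted in requests rather than seconds so the run is deterministic.

```python
# Added example, not HACQIT project code. Service, DelayedPair, the length-limit
# "crash" and the request stream are constructed for illustration; the delay is
# counted in requests rather than seconds so the run is deterministic.
from collections import deque


class Service:
    """Toy replica that faults on requests longer than `limit` bytes: a
    constructed stand-in for a memory-corruption bug triggered by one input."""

    def __init__(self, name, limit=16):
        self.name, self.limit, self.alive = name, limit, True
        self.handled = []  # requests processed, in order: the replica's state

    def handle(self, req):
        if not self.alive:
            raise RuntimeError(f"{self.name} is down")
        if len(req) > self.limit:  # constructed fault
            self.alive = False
            raise RuntimeError(f"{self.name} crashed on {req!r}")
        self.handled.append(req)
        return f"{self.name}:ok:{req}"


class DelayedPair:
    """Primary handles each request now; the backup replays it `delay` requests
    later. An input that kills the primary is quarantined before the backup
    reaches it, so one input cannot take down both (common-mode failure)."""

    def __init__(self, delay=2, limit=16):
        self.delay, self.limit, self.generation = delay, limit, 0
        self.primary = Service("primary-0", limit)
        self.backup = Service("backup-0", limit)
        self.pending = deque()  # accepted by primary, not yet replayed on backup
        self.quarantined = []   # inputs that killed a primary
        self.failovers = 0

    def _fresh_backup(self):
        """New backup rebuilt from the primary's accepted history
        (stand-in for checkpoint/state transfer)."""
        self.generation += 1
        fresh = Service(f"backup-{self.generation}", self.limit)
        for old in self.primary.handled:
            fresh.handle(old)
        return fresh

    def _failover(self):
        # Pending requests were accepted by the old primary, so they are known
        # safe: bring the backup up to date, promote it, rebuild a backup.
        for old in self.pending:
            self.backup.handle(old)
        self.pending.clear()
        self.primary = self.backup
        self.backup = self._fresh_backup()
        self.failovers += 1

    def submit(self, req):
        """Return the primary's response, or None if the request was quarantined."""
        try:
            result = self.primary.handle(req)
            self.pending.append(req)
        except RuntimeError:
            self.quarantined.append(req)
            self._failover()
            result = None
        # The backup lags: replay only requests older than the delay window.
        while len(self.pending) > self.delay:
            self.backup.handle(self.pending.popleft())
        return result

    def rejuvenate(self):
        """Discard the backup whether or not it looks healthy and rebuild it,
        shedding latent corruption. A random rejuvenation timer would call this."""
        self.backup = self._fresh_backup()
        self.pending.clear()  # the rebuilt backup already holds everything


def lockstep(stream, limit=16):
    """Contrast: both replicas get every request at the same moment, so the
    attack input kills both. Returns (a_alive, b_alive)."""
    a, b = Service("lockstep-a", limit), Service("lockstep-b", limit)
    for req in stream:
        for replica in (a, b):
            try:
                replica.handle(req)
            except RuntimeError:
                pass
    return a.alive, b.alive


# Constructed request stream; the fourth request is the attack input.
REQUESTS = ["GET /a", "GET /b", "GET /c", "GET /" + "A" * 40, "GET /d", "GET /e"]

if __name__ == "__main__":
    pair = DelayedPair()
    for req in REQUESTS:
        print(f"{req[:18]:<20} -> {pair.submit(req)}")
    print("failovers:", pair.failovers, "lockstep survivors:", lockstep(REQUESTS))
```

`lockstep()` is the contrast case: fed the same attack input at the same moment, both replicas die. In the delayed pair the input that kills the primary never reaches the backup; the backup is promoted after replaying the known-good requests it had not yet seen, and a fresh backup is rebuilt from the primary's accepted history. `rejuvenate()` performs that same rebuild on demand, which is what a random-rejuvenation timer at the process level would call.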