Defensive Execution of Transactional Processes against Attacks

Meng Yu
Monmouth University
USA

Wanyu Zang

Peng Liu
Pennsylvania State University
USA

It is a well known problem that the
attack recovery of a self-healing system
rolls back not only malicious transactions, but also legitimate transactions
that are dependent on the malicious transactions. Rolling back and re-executing
damaged transactions increase the response time of the system
and may cause a significant processing delay.
In such situations, the availability of the system is compromised
and the system suffers the vulnerability of Denial of Service (DoS).
In this paper, we propose a defensive executing technique and analyze its
effectiveness.
Our technique concurrently executes multiple paths of a transactional
processes based on the prediction generated by a Discrete Time Markov Chain.
The defensive execution can reduce the delay caused by recovery.
We also propose a branch cutting technique to reduce the extra cost
introduced by defensive execution.
Our analytical results show that our technique is practical against
transactional level attacks.

Keywords: self-healing, attack recovery, distributed system, transactional process

Read Paper Read Paper (in PDF)