Vulnerability modeling and simulation for DNS intrusion tolerance system construction

Abstract

To construct the ITS(Intrusion Tolerance System), we should concern not only the FTS(Fault Tolerant System) requirements but also intrusion and vulnerability factors. But, in the ITS, we can not take into account the intrusion and vulnerability as they are, because the characteristics and pattern of them is unknown. So, we suggest vulnerability analysis method that enable ITS to know the pattern of vulnerability exploitation more specifically. We make use of the atomic vulnerability concept to analyze the vulnerability in DNS system, and show how to make use of the analysis result as monitoring factors in our DNS ITS system. Also, this analysis result is used in modeling and simulation to see the dynamics of computer network for vulnerability and external malicious attack. This paper shows simulation execution examples making use of the vulnerability analysis result. © Springer-Verlag Berlin Heidelberg 2005.