Protecting implemented security mechanisms and ensuring their robustness when a host is compromised is among the major challenges that have being studied. Implementing security mechanisms such as intrusion detection inside workstation disks is among recent findings that can be exploited to fulfill these needs. In this paper, we describe a Cooperative Intrusion Detection and Tolerance System, called C-IDTS, which takes advantage of the information that are available at the network, host and storage level to better detect intrusion attempts in their early stages, even when the host is compromised. It also provides intrusion tolerance capability and supports investigation activities.
展开▼
