shuttle: intrusion recovery in paas
TRANSCRIPT
![Page 1: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/1.jpg)
Recovery from Intrusions in PaaS
Dário Nascimento Miguel Correia
INESC-ID Lisboa
Instituto Superior Técnico
University of Lisbon
Portugal
![Page 2: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/2.jpg)
Recovery from Intrusions in PaaS.
![Page 3: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/3.jpg)
Recovery from Intrusions in PaaS.
![Page 4: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/4.jpg)
Compromise:
• Integrity
• Availability
• Confidentiality
Due to:• Software Flaws (e.g. Shellshock)
• Configuration and usage mistakes (malicious or accidental)
• Corrupted legitimate requests (e.g. SQL-Injection)
![Page 5: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/5.jpg)
Prevent is NOT enough.
![Page 6: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/6.jpg)
Intrusions will Happen.
![Page 7: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/7.jpg)
Wake-Up
Shower
Skip breakfast
Wake the rest of team
Connect laptop to VPN
Determine intrusion causes
Verify database consistency
Fix exploited vulnerabilities
Remove intrusion effects
Recover application’s Integrity
Recover application’s Availability
Redeploy the application
Contact angry customers
Explain the reasons to your boss
Listen your angry boss
Blame security team
Hope it never happens again
Return to bed.
![Page 8: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/8.jpg)
Wake-Up
Shower
Skip breakfast
Wake the rest of team
Connect laptop to VPN
Determine intrusion causes
Verify database consistency
Fix exploited vulnerabilities
Remove intrusion effects
Recover application’s Integrity
Recover application’s Availability
Redeploy the application
Contact angry customers
Explain the reasons to your boss
Listen your angry boss
Blame security team
Hope it never happens again
Return to bed.
![Page 9: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/9.jpg)
Recover Application’s Integrity
Wake-Up
Shower
Skip breakfast
Wake the rest of team
Connect laptop to VPN
Determine intrusion causes
Verify database consistency
Fix exploited vulnerabilities
Contact angry customers
Explain the reasons to your boss
Listen your angry boss
Blame security team
Hope it never happens again
Return to bed.
Remove intrusion effects
Make the Application Available
![Page 10: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/10.jpg)
HOW?
![Page 11: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/11.jpg)
Recovery Procedure.
![Page 12: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/12.jpg)
does Not Exist
![Page 13: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/13.jpg)
is Unknown.
![Page 14: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/14.jpg)
is Not Tested.
![Page 15: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/15.jpg)
Alternatives?
![Page 16: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/16.jpg)
Remove intrusion effects
Recover Application’s Integrity
Make the Application Available
![Page 17: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/17.jpg)
H1 : Terminate all instances and restart
Recover Application’s Integrity
![Page 18: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/18.jpg)
H1 : Terminate all instances and restart
Lose all your data?!
Time consuming, downtime
Recover Application’s Integrity
![Page 19: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/19.jpg)
Recover Application’s Integrity
H2: Replication
![Page 20: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/20.jpg)
Recover Application’s Integrity
H2: Replication
Intrusion effects are also replicated
![Page 21: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/21.jpg)
Recover Application’s Integrity
H3: Backup
![Page 22: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/22.jpg)
Recover Application’s Integrity
H3: Backup
You will lose your customers data after intrusion
![Page 23: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/23.jpg)
Recover Application’s Integrity
H4: Remote Site Recovery Mechanism
![Page 24: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/24.jpg)
Recover Application’s Integrity
H4: Remote Site Recovery Mechanism
Remote Site is tampered or outdated
![Page 25: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/25.jpg)
Best day ever to stay in BED.
![Page 26: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/26.jpg)
Intrusion Recovery / Undo Systems.
![Page 27: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/27.jpg)
Intrusion Recovery System
Remove unwanted actions.
Keep effect of legitimate actions.
![Page 28: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/28.jpg)
time
Backup A Backup B
User ActionMalicious
Action
![Page 29: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/29.jpg)
Current Solutions.
![Page 30: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/30.jpg)
Operating Systems: Taser, Retro
Databases: ITDB, Phoenix
Web applications: Goel et. al, Warp, Aire
Others (Email): Undo for Operators
![Page 31: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/31.jpg)
Limitations:
• Max. complexity: 1 app server, 1 database instance
• All require setup and configuration
• Cause application downtime during recovery
![Page 32: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/32.jpg)
Shuttle.
![Page 33: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/33.jpg)
Intrusion Recovery System for Cloud Computing:• Remove the intrusion effects
• Recover application’s integrity
• Support applications deployed in various instances• Available without setup
• Avoid application downtime
• Cost efficient
• Recover timely
![Page 34: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/34.jpg)
Software as a Service (SaaS)
Platform as a Service (PaaS)
Infrastructure as a Service (Iaas)
![Page 35: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/35.jpg)
Platform as a Service (PaaS)
Infrastructure as a Service (Iaas)
Software as a Service (SaaS)
![Page 36: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/36.jpg)
DevOps?Micro-services?
Containers?Automated Deployment?
![Page 37: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/37.jpg)
![Page 38: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/38.jpg)
Platform as a Service (PaaS)
Cloud service to run applications
Consumer develops application to run in that environment, using supported
• Languages: e.g., Java, Python, Go, PHP
• Components: e.g., SQL/NoSQL databases, load balancers
![Page 39: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/39.jpg)
User Request
Proxy
Load Balancer
Application Server
Application Server
Database Instance
Database Instance
![Page 40: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/40.jpg)
Integrating intrusion recovery mechanisms.
![Page 41: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/41.jpg)
1. Record all user requests
2. Load a database snapshot
3. Replay all legitimate requests
![Page 42: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/42.jpg)
1. Record all user requests
2. Load a database snapshot
3. Replay all legitimate requests
![Page 43: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/43.jpg)
User Request
Proxy
Load Balancer
Application Server
Application Server
Database Instance
Database Instance
Storage
![Page 44: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/44.jpg)
Request A
Write A=1
Request B
Read A
Request Dependency
![Page 45: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/45.jpg)
User Request
Proxy
Load Balancer
Application Server
Application Server
Database Instance
Database Instance
Manager
Storage
DB Proxy DB Proxy
Interceptor Interceptor
![Page 46: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/46.jpg)
1. Record all user requests
2. Load a database snapshot
3. Replay all legitimate requests
![Page 47: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/47.jpg)
Consistent Snapshot on NoSQL.
![Page 48: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/48.jpg)
Request Consistent.
Copy-on-write.
No downtime.
![Page 49: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/49.jpg)
More Details @ Paper
![Page 50: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/50.jpg)
Replay/Recovery Process.
![Page 51: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/51.jpg)
1. Identify the malicious actions (or intrusion instant)
![Page 52: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/52.jpg)
2. Launch new application and database instances
1. Identify the malicious actions and intrusion instant
Recovery Process
![Page 53: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/53.jpg)
2. Launch new application and database instances1. Identify the malicious actions (or intrusion instant)
3. Load a snapshot previous to intrusion instantCreate a new branch
Recovery Process
![Page 54: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/54.jpg)
Branching
Users Shuttle
![Page 55: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/55.jpg)
2. Launch new application and database instances1. Identify the malicious actions (or intrusion instant)
3. Load a snapshot previous to intrusion instantCreate a new branch
4. Replay requestsDatabase operations shall replay in same order as original
Recovery Process
![Page 56: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/56.jpg)
User Request
Proxy
Load Balancer
Application Server
Application Server
Database Instance
Database Instance
Manager
Storage
DB Proxy DB Proxy
Replay Instances
Interceptor Interceptor
![Page 57: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/57.jpg)
2. Launch new application and database instances1. Identify the malicious actions (or intrusion instant)
3. Load a snapshot previous to intrusion instantCreate a new branch
4. Replay requestsDatabase operations shall replay in same order as original
5. Block incoming requests; replay last requests
Recovery Process
![Page 58: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/58.jpg)
2. Launch new application and database instances1. Identify the malicious actions (or intrusion instant)
3. Load a snapshot previous to intrusion instantCreate a new branch
4. Replay requestsDatabase operations shall replay in same order as original
5. Block incoming requests; replay last requests
6. Change branch
Recovery Process
![Page 59: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/59.jpg)
2. Launch new application and database instances1. Identify the malicious actions (or intrusion instant)
3. Load a snapshot previous to intrusion instantCreate a new branch
4. Replay requestsDatabase operations shall replay in same order as original
5. Block incoming requests; replay last requests
6. Change branch
Recovery Process
![Page 60: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/60.jpg)
Full-Replay
Replay every
operation after snapshot
Selective-Replay
Replay only
affected (tainted) operations
![Page 61: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/61.jpg)
Serial
Replay all requests
sequentially
Clustered
Independent clusters are
replayed concurrently
![Page 62: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/62.jpg)
Evaluation.
![Page 63: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/63.jpg)
Amazon EC2, c3.xlarge instances, Gigabit Ethernet
Ask Q&A application; data from Stack Exchange
WildFly (formely JBoss) application servers
Voldemort database
![Page 64: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/64.jpg)
Performance overheadin normal execution
50% Read 50% Insert 95% Read 5% Insert
ops/sec latency (ms) ops/sec latency (ms)
Shuttle 6325 5.78 15 346 3.62
No Shuttle 7148 5.07 17 821 3.01overhead 13% 14% 16% 20%
![Page 65: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/65.jpg)
Accuracy: Intrusion Scenarios:1. Malicious requests2. Software vulnerabilities3. External channels (e.g. SSH due to Shellshock)
# Intrusion # tainted # Selective Replay
# Full Replay
1a 106 0 < 605 > 38 620
1b 58 14 < 379 > 38 620
1c 48 52 < 253 > 38 620
2a 4 338 0 - > 38 620
2b 18 286 1 278 - > 38 620
3 > 2 000 - - > 38 620
![Page 66: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/66.jpg)
Recovery Time1 million requests
![Page 67: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/67.jpg)
Restrain Duration
![Page 68: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/68.jpg)
Need it faster?
![Page 69: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/69.jpg)
Scalability.
![Page 70: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/70.jpg)
Scalability
![Page 71: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/71.jpg)
Storage Bill.
![Page 72: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/72.jpg)
# objects Size (MB)
Shuttle Storage:
Requests 1 million 212
Response 1 million 8 767
Start/End timestamps 2 million 16
Keys 137 million 488
Total 9 648 MB
Database node:
Version List 14 593 1.4
Operation List 9 million 277
Total 282 MB
Manager
Graph 1 million 718 MB
Storage Overhead1 million requests
![Page 73: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/73.jpg)
$47 per month if 20 Million requests per day.
![Page 74: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/74.jpg)
Conclusion.
![Page 75: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/75.jpg)
New intrusion recovery service be integrated in PaaS
Supports applications running in various instances backed by distributed databases
Leverages resource elasticity and pay-per-use model to reduce the recovery time and costs
![Page 76: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/76.jpg)
Accomplishing intrusion recovery without service downtime using a branching mechanism
Globally transaction-consistent snapshot for NoSQL databases
Remove intrusions by redeploying the applications
![Page 77: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/77.jpg)
Future Work.
![Page 78: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/78.jpg)
Prevent intrusions from spreading
Client side applications
Handle database replication and fault-tolerance
Deliver as a commercial solution
Integrate with Micro-services Architecture
![Page 79: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/79.jpg)
References[Taser] A. Goel, K. Po, K. Farhadi, Z. Li, and E. de Lara, “The taser intrusion recovery system,” in SOSP. ACM, 2005.
[Retro] T. Kim, X. Wang, N. Zeldovich, and M. F. Kaashoek, “Intrusion recovery using selective re- execution.” USENIX, 2010.
[ITDB] P.Liu, J.Jing, P.Luenam and Y.Wang, “The design and implementation of a self healing database system,” JIIS 2004.
[Goel] I. Akkus and A. Goel, “Data recovery for web applications,” in DSN. IEEE, Jun. 2010, pp. 81–90
[Warp] R. Chandra, T. Kim, and M. Shah, “Intrusion recovery for database-backed web applications,” in SOSP. ACM, 2011.
[Aire] R.Chandra, T.Kim and N.Zeldovich, “Asynchronous intrusion recovery for interconnected web services,” in SOSP. ACM, 2013.
[UndoForOperators] A. B. Brown and D. A. Patterson, “Undo for operators : Building an undoable e-mail store,” in USENIX ATC, 2003.
![Page 80: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/80.jpg)
More details
MsC Thesis on Distributed, Cloud and Mobile Applications
Recovery from Security Intrusions in Cloud Computing
Dario Nascimento, Miguel Pupo Correia, Instituto Superior Tecnico, 2015
![Page 81: Shuttle: Intrusion Recovery in Paas](https://reader034.vdocuments.net/reader034/viewer/2022042819/55ccdc44bb61ebd3518b4617/html5/thumbnails/81.jpg)
Thank you for your attention
Shuttle: Intrusion Recovery for PaaS