ScienceDirect® Home Skip Main Navigation Links
You have guest access to ScienceDirect. Find out more.
 
Home
Browse
My Settings
Alerts
Help
 Quick Search
 Search tips (Opens new window)
    Clear all fields    
Performance Evaluation
Volume 56, Issues 1-4, March 2004, Pages 53-72
Dependable Systems and Networks - Performance and Dependability Symposium (DSN-PDS) 2002: Selected Papers
 
Font Size: Decrease Font Size  Increase Font Size
 Abstract - selected
Article
Purchase PDF (279 K)

Article Toolbox
  E-mail Article   
  Add to my Quick Links   
Bookmark and share in 2collab (opens in new window)
Request permission to reuse this article
  Cited By in Scopus (1)
 
 
 
Related Articles in ScienceDirect
View More Related Articles
 
View Record in Scopus
 
doi:10.1016/j.peva.2003.07.013    
How to Cite or Link Using DOI (Opens New Window)

Copyright © 2003 Elsevier B.V. All rights reserved.

Modeling and evaluating the security threats of transient errors in firewall software

Purchase the full-text article



References and further reading may be available for this article. To view references and further reading you must purchase this article.

Shuo ChenCorresponding Author Contact Information, E-mail The Corresponding Author, Jun XuE-mail The Corresponding Author, Zbigniew KalbarczykE-mail The Corresponding Author, Ravishankar K. IyerE-mail The Corresponding Author and Keith WhisnantE-mail The Corresponding Author

Center for Reliable and High-Performance Computing, University of Illinois at Urbana-Champaign, 1308 W. Main Street, Urbana, IL 61801, USA


Available online 4 November 2003.

Abstract

This paper experimentally evaluates and models the error-caused security vulnerabilities and the resulting security violations on two Linux kernel firewalls: IPChains and Netfilter. There are two major aspects to this work: to conduct extensive error injection experiments on the Linux kernel and to quantify the possibility of error-caused security violations using a Stochastic Activity Network (SAN) model. The error injection experiments show that about 2% of errors injected into the firewall code segment cause security vulnerabilities. Two types of error-caused security vulnerabilities are distinguished: temporary, which disappear when the error disappears, and permanent, which persist even after the error is removed, as long as the system is not rebooted. Results from simulating the SAN model indicate that under an error rate of 0.1 error per day during a 1-year period in a networked system protected by 20 firewalls, two machines (on the average) will experience security violations. This indicates that error-caused security vulnerabilities can be a non-negligible source of a security threat to a highly secure system.

Author Keywords: Firewall software; Transient errors; SAN model; Security

Article Outline

1. Introduction
2. Related work
3. Target applications: IPChains and Netfilter firewalls
3.1. Structure and packet filtering of IPChains
3.2. Structure and algorithm of Netfilter
4. Experimental setup and approach
4.1. Error model
4.2. Outcome categories
5. Examples of security vulnerabilities
5.1. Temporary security vulnerabilities
5.2. Permanent security vulnerabilities
5.3. Comparison of rule traversal functions of IPChains and Netfilter
6. Experimental results
7. Conceptual model
8. SAN model for security vulnerabilities
8.1. SAN model simulation results
8.2. Evaluating the frequency of security violations
9. Conclusion
Acknowledgements
References










Corresponding Author Contact InformationCorresponding author.


Performance Evaluation
Volume 56, Issues 1-4, March 2004, Pages 53-72
Dependable Systems and Networks - Performance and Dependability Symposium (DSN-PDS) 2002: Selected Papers
 
Home
Browse
My Settings
Alerts
Help
Elsevier.com (Opens new window)
About ScienceDirect  |  Contact Us  |  Information for Advertisers  |  Terms & Conditions  |  Privacy Policy
Copyright © 2008 Elsevier B.V. All rights reserved. ScienceDirect® is a registered trademark of Elsevier B.V.