Solutions to the Byzantine Generals Problem are applied to the design of an Intrusion Detection & Countermeasure System, called SAFE, being developed at the Worcester Polytechnic Institute System Security Research Laboratory (WSSRL). As described in this paper, Byzantine Agreement Protocols (BAP) arrive at a consensus on (that is, identify) which nodes have been compromised, through a series of synchronized, secure rounds of message exchanges. Once such a consensus is reached, offending or compromised nodes are isolated and countermeasure actions are initiated by the system. Specifically, we consider in this manuscript the necessary and sufficient conditions for the application of Byzantine Agreement Protocols to the intrusion detection problem. In addition, the set of assumptions needed for the BAP protocol to operate correctly, such as the need for a secure communication channel, is presented.
Colon Osorio, Fernando C., Wang, Xiaoning (2003). Applying Byzantine Agreement Protocols to the Intrusion Detection Problem in Distributed Systems.
Retrieved from: http://digitalcommons.wpi.edu/computerscience-pubs/126