A novel Adaptive Cluster Transformation (ACT)-based intrusion tolerant architecture for hybrid information technology

Recently, the building of strong intrusion tolerant systems is in great demand since the openness and the distributed nature of information systems are easily used to compromise the systems by intentional attacks. To achieve intrusion tolerance by enabling the systems to survive various types of intrusions, we suggest a novel approach, Adaptive Cluster Transformation (ACT) , in this paper. Instead of using a fixed cluster size as in conventional approaches, ACT adapts a variable cluster size depending on the system status. This is proved to maintain good quality of service (QoS). In addition, the early prediction of incoming massive packets makes ACT possible to replace any damaged clusters with new ones consisting of pristine virtual machines (VMs). This also contributes to defend the system against a Denial of Service (DoS). The performance of ACT is compared with other fixed sizes of VM cluster architectures by CSIM 20. And it is verified that the proposed method is more effective in maintaining the specific level of QoS as well as providing strong security to the targeted system.