Minicursos do V Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais

Autores

Luciano Paschoal Gaspary (ed.)

UNISINOS

Frank Siqueira (ed.)

UFSC

Sinopse

Os Minicursos do SBSeg têm como objetivo (i) atender a uma necessidade de atualização em temas normalmente não cobertos nas grades curriculares ou (ii) despertar grande interesse entre acadêmicos e profissionais. Já na primeira edição da Chamada de Minicursos, a comunidade prestigia a mesma com um elevado número de submissões. De um total de dezessete propostas submetidas, o comitê de avaliação selecionou três para apresentação e publicação na forma de capítulo de livro. Neste livro encontram-se os textos completos das propostas selecionadas, organizados em três capítulos: (1) Negação de Serviço: Ataques e Contramedidas; (2) Segurança em Grades Computacionais; (3) Serviços Distribuídos Tolerantes a Intrusões: Resultados Recentes e Problemas Abertos.

Capítulos:

1. Negação de Serviço: Ataques e Contramedidas

Rafael P. Laufer, Igor M. Moraes, Pedro B. Velloso, Marco D. D. Bicudo, Miguel Elias M. Campista, Daniel de O. Cunha, Luís Henrique M. K. Costa, Otto Carlos M. B. Duarte

Capítulo 1

2. Segurança em Grades Computacionais

José de Ribamar Braga Pinheiro Junior, Fabio Kon

Capítulo 2

3. Serviços Distribuídos Tolerantes a Intrusões: resultados recentes e problemas abertos

Miguel Pupo Correia

Capítulo 3

Downloads

Não há dados estatísticos.

Referências

Adams, C. and Lloyd, S. (2002). Understanding PKI: Concepts, Standards, and Deployment Considerations. Addison-Wesley Longman Publishing Co., Inc., Boston, MA, USA.

Adelsbach, A., Alessandri, D., Cachin, C., Creese, S., Deswarte, Y., Kursawe, K., Laprie, J. C., Powell, D., Randell, B., Riordan, J., Ryan, P., Simmonds, W., Stroud, R., Veríssimo, P., Waidner, M., and Wespi, A. (2002). Conceptual Model and Architecture of MAFTIA. Project MAFTIA deliverable D21.

Aljifri, H., Smets, M. e Pons, A. (2003). IP Traceback using Header Compression. Computers & Security, 22(2):136–151.

Alon, N., Kaplan, H., Krivelevich, M., Malkhi, D., and Stern, J. (2000). Scalable secure storage when half the system is faulty. In Montanari, U., Rolim, J., and Welzl, R., editors, Proceedings of the 27th International Colloquium on Automata, Languages and Programming, volume 1853 of Lecture Notes in Computer Science, pages 576–587. Springer-Verlag.

Andrade, N., Cirne, W., Brasileiro, F., and Roisenberg, P. (2003). OurGrid: An Approach to Easily Assemble Grids with Equitable Resource Sharing. In Proceedings of the 9th Workshop on Job Scheduling Strategies for Parallel Processing, pages 61–86. Springer Verlag. Lect. Notes Comput. Sci. vol. 2862.

Atighetchi, M., Rubel, P., Pal, P., Chong, J., and Studin, L. (2005). Case study: The intrusion tolerant JBI. Technical report, BBN Technologies.

Avizienis, A. (1985). The N-version approach to fault tolerant software. IEEE Transactions on Software Engineering, 11(12):1491–1501.

Avizienis, A., Laprie, J.-C., Randell, B., and Landwehr, C. (2004). Basic concepts and taxonomy of dependable and secure computing. IEEE Transactions on Dependable and Secure Computing, 1(1):11–33.

Bai, C., Feng, G. eWang, G. (2004). Algebraic Geometric Code Based IP Traceback. Em IEEE International Conference on Performance, Computing, and Communications, páginas 49–56, Phoenix, AZ, EUA.

Baldoni, R., Helary, J., Raynal, M., and Tanguy, L. (2000). Consensus in Byzantine asynchronous systems. In Proceedings of the International Colloquium on Structural Information and Communication Complexity, pages 1–16.

Bazzi, R. and Ding, Y. (2004). Non-skipping timestamps for Byzantine data storage systems. In Guerraoui, R., editor, Proceedings of the 18th International Conference on Distributed Computing, volume 3274 of Lecture Notes in Computer Science, pages 405–419. Springer-Verlag.

Belenky, A. e Ansari, N. (2003a). Accommodating Fragmentation in Deterministic Packet Marking for IP Traceback. Em IEEE GLOBECOM 2003 Conference, páginas 1374–1378, San Francisco, CA, EUA.

Belenky, A. e Ansari, N. (2003b). IP Traceback With Deterministic Packet Marking. IEEE Communications Letters, 7(4):162–164.

Bellovin, S. M. and Merritt, M. (1990). Limitations of the kerberos authentication system. SIGCOMM Comput. Commun. Rev., 20(5):119–132.

Bellovin, S. M., Leech, M. D. e Taylor, T. (2003). ICMP Traceback Messages. Internet Draft: draft-ietf-itrace-04.txt.

Ben-Or, M. (1983). Another advantage of free choice: Completely asynchronous agreement protocols. In Proceedings of the 2nd ACM Symposium on Principles of Distributed Computing, pages 27–30.

Berman, F., Fox, G., Hey, A. J. G., and Hey, T. (2003). Grid Computing: Making the Global Infrastructure a Reality. John Wiley & Sons, Inc.

Bessani, A. N., da Silva Fraga, J., and Lung, L. C. (2005). O confeiteiro bizantino: Exclusão mútua em sistemas abertos sujeitos a faltas bizantinas. In Anais do 23º Simpósio Brasileiro de Redes de Computadores.

Blakley, G. R. (1979). Safeguarding cryptographic keys. In Proceedings of the AFIPS National Computer Conference, volume 48, pages 313–317.

Bloom, B. H. (1970). Space/Time Trade-offs in Hash Coding with Allowable Errors. Communications of the ACM, 7(13):442–426.

Booth, D., Haas, H., McCabe, F., Newcomer, E., Champion, M., Ferris, C., and Orchard, D. (2004). Web Services Architecture. World Wide Web Consortium.

Bracha, G. (1984). An asynchronous b(n¡1)=3c-resilient consensus protocol. In Proceedings of the 3rd ACM Symposium on Principles of Distributed Computing, pages 154–162.

Bracha, G. and Toueg, S. (1985). Asynchronous consensus and broadcast protocols. Journal of the ACM, 32(4):824–840.

Broder, A. e Mitzenmacher, M. (2003). Network Applications of Bloom Filters: A Survey. Internet Mathematics, 1(4):485–509.

Burch, H. e Cheswick, B. (2000). Tracing Anonymous Packets to their Approximate Source. Em USENIX LISA’00, páginas 319–327, Nova Orleans, LA, EUA.

Büyükkokten, O. (2005). Orkut.com. http://www.orkut.com/.

Cachin, C. (2002). Personal communication.

Cachin, C. and Poritz, J. A. (2002). Secure intrusion-tolerant replication on the Internet. In Proceedings of the International Conference on Dependable Systems and Networks, pages 167–176.

Cachin, C. and Tessaro, S. (2004). Asynchronous verifiable information dispersal. RZ 3569, IBM Research.

Cachin, C. and Tessaro, S. (2005). Optimal resilience for erasure-coded Byzantine distributed storage. RZ 3575, IBM Research.

Cachin, C., Kursawe, K., and Shoup, V. (2000). Random oracles in Contanstinople: Practical asynchronous Byzantine agreement using cryptography. In Proceedings of the 19th ACM Symposium on Principles of Distributed Computing, pages 123–132.

Cachin, C., Kursawe, K., Lysyanskaya, A., and Strobl, R. (2002). Asynchronous verifiable secret sharing and proactive cryptosystems. In Proceedings of the 9th ACM Conference on Computer and Communications Security, pages 88–97.

Cachin, C., Kursawe, K., Petzold, F., and Shoup, V. (2001). Secure and efficient asynchronous broadcast protocols (extended abstract). In Kilian, J., editor, Advances in Cryptology: CRYPTO 2001, volume 2139 of Lecture Notes in Computer Science, pages 524–541. Springer-Verlag.

Canetti, R., Gennaro, R., Herzberg, A., and Naor, D. (1997). Proactive security: Long-term protection against break-ins. RSA CryptoBytes, 3(1):1–8.

Castro, M. and Liskov, B. (2002). Practical Byzantine fault tolerance and proactive recovery. ACM Transactions on Computer Systems, 20(4):398–461.

Castro, M., Rodrigues, R., and Liskov, B. (2003). BASE: Using abstraction to improve fault tolerance. ACM Transactions Computer Systems, 21(3):236–269.

CERT (1996). CERT Advisory CA-1996-26 Denial-of-Service Attack via ping. http://www.cert.org/advisories/CA-1996-26.html.

CERT (1997). CERT Advisory CA-1997-28 IP Denial-of-Service Attacks. http://www.cert.org/advisories/CA-1997-28.html.

CERT (1998). CERT Advisory CA-1998-01 Smurf IP Denial-of-Service Attacks. http://www.cert.org/advisories/CA-1998-01.html.

CERT/CC (2005). CERT coordination center statistics 1988-2005. http://www.cert.org/stats/.

Chandra, T. and Toueg, S. (1996). Unreliable failure detectors for reliable distributed systems. Journal of the ACM, 43(2):225–267.

Choi, K. H. e Dai, H. K. (2004). A Marking Scheme Using Huffman Codes for IP Traceback. Em 7th International Symposium on Parallel Architectures, Algorithms and Networks - ISPAN’04, páginas 421–428, Hong Kong, China.

Cisco (2003). Cisco Security Advisory: Cisco IOS Interface Blocked by IPv4 Packets. Cisco Systems, Inc. http://www.cisco.com/warp/public/707/cisco-sa-20030717-blocked.shtml.

Clarke, D., Elien, J.-E., Ellison, C., Fredette, M., Morcos, A., and Rivest, R. L. (1999). Certificate chain discovery in spki/sdsi. To be published, November 1999.

CNN.com (2000). Denial of service hackers take on new targets. http://www.cnn.com/2000/TECH/computing/02/09/denial.of.service.03.

Cohen, F. (1987). Computer viruses: theory and experiments. Comput. Secur., 6(1):22–35.

Correia, M., Lung, L. C., Neves, N. F., and Veríssimo, P. (2002a). Efficient Byzantine-resilient reliable multicast on a hybrid failure model. In Proceedings of the 21st IEEE Symposium on Reliable Distributed Systems, pages 2–11.

Correia, M., Neves, N. F., and Veríssimo, P. (2004). How to tolerate half less one Byzantine nodes in practical distributed systems. In Proceedings of the 23rd IEEE Symposium on Reliable Distributed Systems, pages 174–183.

Correia, M., Neves, N. F., Lung, L. C., and Veríssimo, P. (2005a). Low complexity Byzantine-resilient consensus. Distributed Computing, 17(3):237–249.

Correia, M., Neves, N. F., Lung, L. C., and Veríssimo, P. (2005b). Worm-IT – a wormhole-based intrusion-tolerant group communication system. Submitted for publication.

Correia, M., Veríssimo, P., and Neves, N. F. (2002b). The design of a COTS real-time distributed security kernel. In Proceedings of the Fourth European Dependable Computing Conference, pages 234–252.

de Camargo, R. Y., Goldchleger, A., Carneiro, M., and Kon, F. (2004). Grid: An Architectural Pattern. In The 11th Conference on Pattern Languages of Programs (PLoP’2004), Monticello, Illinois, USA.

Dean, D., Franklin, M. e Stubblefield, A. (2002). An Algebraic Approach to IP Traceback. ACM Transactions on Information and System Security, 5(2):119–137.

Deswarte, Y., Blain, L., and Fabre, J. C. (1991). Intrusion tolerance in distributed computing systems. In Proceedings of the 1991 IEEE Symposium on Research in Security and Privacy, pages 110–121.

Deswarte, Y., Kanoun, K., and Laprie, J. C. (1998). Diversity against accidental and deliberate faults. In Computer Security, Dependability, & Assurance: From Needs to Solutions. IEEE Press.

Dierks, T. and Allen, C. (1999). RFC 2246: The TLS protocol version 1. IETF RFC Publication. Status: PROPOSED STANDARD.

Diffie, W. and Hellman, M. E. (1976). New directions in cryptography. IEEE Transactions on Information Theory, 22(6):644–654.

Diffie, W. and Hellman, M. E. (1976). New directions in cryptography. IEEE Transactions on Information Theory, IT-22(6):644–654.

Dittrich, D. (1999a). The DoS Project’s ‘trinoo’ distributed denial of service attack tool. http://staff.washington.edu/dittrich/misc/trinoo.analysis.txt.

Dittrich, D. (1999b). The ‘stacheldraht’ distributed denial of service attack tool. http://staff.washington.edu/dittrich/misc/stacheldraht.analysis.txt.

Dittrich, D. (1999c). The ‘Tribe Flood Network’ distributed denial of service attack tool. http://staff.washington.edu/dittrich/misc/tfn.analysis.txt.

Doudou, A. and Schiper, A. (1997). Muteness detectors for consensus with Byzantine processes. Technical Report 97/30, EPFL.

Doudou, A., Garbinato, B., and Guerraoui, R. (2002). Encapsulating failure detection: From crash-stop to Byzantine failures. In International Conference on Reliable Software Technologies, pages 24–50.

Dwork, C., Lynch, N., and Stockmeyer, L. (1988). Consensus in the presence of partial synchrony. Journal of the ACM, 35(2):288–323.

Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomas, B., Bell, S., and Ylonen, T. (1999). SPKI Certificate Theory. Internet RFC #2693.

Epema, D., Livny, M., van Dantzig, R., Evers, X., and Pruyne, J. (1996). A worldwide flock of Condors: Load sharing among workstation clusters. Future Generation Computer Systems, 12:53–65.

Ferguson, P. e Senie, D. (2000). Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing. RFC 2827.

Ferraz, R., Goncalves, B., Sequeira, J., Correia, M., Neves, N. F., and Veríssimo, P. (2004). An intrusion-tolerant web server based on the DISTRACT architecture. In Proceedings of the Workshop on Dependable Distributed Data Management.

Fischer, M. J., Lynch, N. A., and Paterson, M. S. (1985). Impossibility of distributed consensus with one faulty process. Journal of the ACM, 32(2):374–382.

Foster, I. and Czajkowski, K. (2005). Modeling and managing state in distributed systems: the role of ogsi and wsrf. In Proceedings of the IEEE, volume 93, pages 604–612.

Foster, I. and Kesselman, C. (1997). Globus: A Metacomputing Infrastructure Toolkit. International Journal of Supercomputer Applications, 2(11):115–128.

Foster, I. and Kesselman, C. (2003). The Grid 2: Blueprint for a New Computing Infrastructure. Morgan Kaufmann Publishers Inc.

Foster, I., Kesselman, C., and Tuecke, S. (2001). The Anatomy of the Grid: Enabling Scalable Virtual Organizations. The International Journal of Supercomputer Applications, 15(3):200–222.

Foster, I., Kesselman, C., Nick, J., and Tuecke, S. (2002). The Physiology of the Grid: An Open Grid Services Architecture for Distributed Systems Integration. Global Grid Forum, Open Grid Service Infrastructure Working Group.

Foster, I., Kesselman, C., Tsudik, G., and Tuecke, S. (1998). A Security Architecture for Computational Grids. In Proceedings of the 5th ACM Conference on Computer and Communications Security, pages 83–92.

Fraga, J. S. and Powell, D. (1985). A fault - and intrusiontolerant file system. In Proceedings of the 3rd International Conference on Computer Security, pages 203–218.

Frankel, Y. and Yung, M. (1998). Risk management using theshold RSA cryptosystems. Usenix ;login: online.

Frey, J., Tannenbaum, T., Foster, I., Livny, M., and Tuecke, S. (2002). Condor-G: A computation management agent for multi-institutional grids. Cluster Computing, 5:237–246.

FTC (2005). The CAN-SPAM Act: Requirements for Commercial Emailers. http://www.ftc.gov/bcp/conline/pubs/buspubs/canspam.htm.

Garay, J. A., Gennaro, R., Jutla, C., and Rabin, T. (2000). Secure distributed storage and retrieval. Theoretical Computer Science, 243(1-2):363–389.

Garber, L. (2000). Denial-of-Service Attacks Rip the Internet. IEEE Computer, 4(33):12–17.

Garfinkel, S. and Spafford, G. (1996). Practical UNIX & Internet Security. O Reilly & Associates, Inc.

Gemmell, P. S. (1997). An introduction to threshold cryptography. Cryptobytes, 2(3):7–12.

Gibson, S. (2001). The Strange Tale of the Attacks Against GRC.COM. Gibson Research Corporation. http://www.grc.com/dos/grcdos.htm.

Gifford, D. K. (1979). Weighted voting for replicated data. In Proceedings of the 17th ACM Symposium on Operating Systems Principles, pages 150–162.

Globo Online (2005). Brasil é 5o maior receptor de spam; spywares representam 22% das infecções. http://oglobo.globo.com/online/plantao/169450846.asp.

Globus (2004). http://www.globus.org.

Goldchleger, A. (2004). Integrade: Um sistema de middleware para computação em grade oportunista. Tese de mestrado, IME/USP.

Goldchleger, A., Kon, F., vel Lejbman, A. G., and Finger, M. (2003). InteGrade: Object-Oriented Grid Middleware Leveraging Idle Computing Power of Desktop Machines. In Proceedings of the ACM/IFIP/USENIX Middleware’ 2003 1st International Workshop on Middleware for Grid Computing, pages 232–234, Rio de Janeiro.

Gont, F. (2004). ICMP Attacks Against TCP. Internet Draft: draft-gonttcpm-icmp-attacks-03.txt.

Goodrich, M. T. (2002). Efficient Packet Marking for LargeScale IP Traceback. Em 9th ACM Conference on Computer and Communications Security - CCS’02, páginas 117–126, Washington, DC, EUA.

Goodson, G., Wylie, J., Ganger, G., and Reiter, M. (2004). Efficient Byzantine-tolerant erasure-coded storage. In Proceedings of the IEEE International Conference on Dependable Systems and Networks.

Gordon, L. A., Loeb, M. P., Lucyshyn,W. e Richardson, R. (2005). 2005 CSI/FBI Computer Crime and Security Survey.

Grafinkel, S. and Spafford, G. (1996). Practical UNIX and Internet Security. O’Reilly & Associates, Inc.

Gray, P. e Fried, I. (2003). Al-Jazeera suffers DoS attack. ZDNet UK. http://news.zdnet.co.uk/business/0,39020645,2132585,00.htm.

Grupo Brasil AntiSPAM (2005). Código de Ética AntiSPAM e Melhores Práticas de Uso de Mensagens Eletrônicas. http://brasilantispam.org/main/codigo.htm.

Gupta, V., Lam, V., Ramasamy, H., Sanders, W., and Singh, S. (2003). Dependability and performance evaluation of intrusion-tolerant server architectures. In Proceedings of the First Latin-American Symposium on Dependable Computing, pages 81–101.

Hadzilacos, V. and Toueg, S. (1994). A modular approach to fault-tolerant broadcasts and related problems. Technical Report TR94-1425, Cornell University, Department of Computer Science.

Herlihy, M. P. andWing, J. (1990). Linearizability: A correctness condition for concurrent objects. ACM Transactions on Programming Languages and Systems, 12(3):463–492.

Hilgenstieler, E. e Duarte Jr., E. P. (2004). Uma Arquitetura para Rastreamento de Pacotes na Internet. Em IV Workshop em Segurança de Sistemas Computacionais - WSeg 2004, Gramado, RS, Brasil.

Holmes, N. (2005). In Defense of Spam. IEEE Computer Magazine, 38(4):86–88.

Hormel Foods (2000). Your Use of Our Trademark SPAM on Your “Page-O-SPAM” Website. http://www.rsi.com/spam/.

Ian, V. W. (2005). Globus toolkit version 4 grid security infraestruture: A standards perspective. [link].

IBM Report (2005). Phishing attacks in May jumped more than 200 percent. Relatório técnico, IBM.

ICQ (2005). Icq.com - community, people search and messaging service! http://www.icq.com/.

Jacobson, V. (1990). Compressing TCP/IP Headers for Low-Speed Serial Links. RFC 1144.

Keromytis, A., Gross, P., Kaiser, G., Misra, V., Nieh, J., Rubenstein, D., and Stolfo, S. (2003). A holistic approach to service survivability. In Proceedings of the ACM Workshop on Survivable and Self-Regenerative Systems, pages 11–22.

Kihlstrom, K. P., Moser, L. E., and Melliar-Smith, P. M. (2001). The SecureRing group communication system. ACM Transactions on Information and System Security, 4(4):371–406.

Kihlstrom, K. P., Moser, L. E., and Melliar-Smith, P. M. (2003). Byzantine fault detectors for solving consensus. The Computer Journal, 46(1):16–35.

Knight, J., Heimbigner, D., Wolf, A., Carzaniga, A., Hill, J., and Devanbu, P. (2001). The Willow survivability architecture. In Proceedings of the 4th Information Survivability Workshop.

Kohl, J. and Neuman, C. (1993). The Kerberos network authentication service (v5). Internet RFC #1510.

Krawczyk, H. (1993). Distributed fingerprints and secure information dispersal. In Proceedings of the 12th ACM Symposium on Principles of Distributed Computing, pages 207–218.

Krueger, P. E. (1988). Distributed scheduling for a changing environment. PhD thesis, Madison, WI, USA.

Lakshmanan, S., Ahamad, M., and Venkateswaran, H. (2003). Responsive security for stored data. IEEE Transactions on Parallel and Distributed Systems, 14(9):818–828.

Lala, J. H., editor (2003). Foundations of Intrusion Tolerant Systems. IEEE Computer Society Press.

Lamport, L. (1978). Time, clocks, and the ordering of events in a distributed system. Communications of the ACM, 21(7):558–565.

Lamport, L. (1986). On interprocess communication (part II: Algorithms). Distributed Computing, 1:86–101.

Lamport, L., Shostak, R., and Pease, M. (1982). The Byzantine generals problem. ACM Transactions on Programming Languages and Systems, 4(3):382–401.

Lang, U. and Schreiner, R. (2002). Developing Secure Distributed Systems with CORBA. Artech House, Inc., Norwood, MA, USA.

Laufer, R. P. (2005). Rastreamento de Pacotes IP contra Ataques de Negação de Serviço. Tese de mestrado, COPPE/UFRJ.

Laufer, R. P., Velloso, P. B. e Duarte, O. C. M. B. (2005b). Defeating DoS Attacks with IP Traceback. Em IFIP Open Conference on Metropolitan Area Networks - MAN’2005, Ho Chi Minh, Vietnã.

Laufer, R. P., Velloso, P. B. e Duarte, O. C. M. B. (2005c). Um Novo Sistema de Rastreamento de Pacotes IP contra Ataques de Negação de Serviço. Em XXIII Simpósio Brasileiro de Redes de Computadores - SBRC’2005, Fortaleza, CE, Brasil.

Laufer, R. P., Velloso, P. B., de O. Cunha, D. e Duarte, O. C. M. B. (2005a). Um Procedimento Alternativo de Reconstrução de Rota para o Rastreamento de Pacotes IP. Em XXII Simpósio Brasileiro de Telecomunicações - SBrT’05, Campinas, SP, Brasil.

Lee, T.-H., Wu, W.-K. e Huang, T.-Y. W. (2004). Scalable Packet Digesting Schemes for IP Traceback. Em IEEE International Conference on Communications ICC’04, páginas 1008–1013, Paris, França.

Leech, M. (1996). DefUsername/Password Authentication for SOCKS V5. RFC 1929.

Lewis, M. J. and Grimshaw, A. (1996). The Core Legion Object Model. In Proceedings of the Fifth IEEE International Symposium on High Performance Distributed Computing (HPDC ’96), pages 551–561, Los Alamitos, California. IEEE Computer Society Press.

Lhee, K.-S. and Chapin, S. J. (2003). Buffer overflow and format string overflow vulnerabilities. Softw. Pract. Exper., 33(5):423–460.

Li, J., Mirkovic, J., Wang, M., Reiher, P. e Zhang, L. (2002). SAVE: Source Address Validity Enforcement Protocol. Em Proceedings of the IEEE INFOCOM 2002 Conference, páginas 1557–1566, Nova Iorque, NY, EUA.

Li, J., Sung, M., Xu, J. e Li, L. (2004). Large-Scale IP Traceback in High-Speed Internet: Practical Techniques and Theoretical Foundation. Em Proceedings of the 25th IEEE Symposium on Security and Privacy, Oakland, CA, EUA.

Lippmann, R., Haines, J., Fried, D., Korba, J., and Das, K. (2000). Analysis and results of the 1999 DARPA off-line intrusion detection evaluation. In Debar, H., Mé, L., and Wu, S. F., editors, Recent Advances in Intrusion Detection - Third International Workshop, volume 1907 of Lecture Notes in Computer Science, pages 162–182. Springer-Verlag.

Liu, J., Lee, Z.-J. e Chung, Y.-C. (2003). Efficient Dynamic Probabilistic Packet Marking for IP Traceback. Em IEEE International Conference on Networks - ICON’03, páginas 475–480, Sydney, Austrália.

M.Degermark, Nordgren, B. e S.Pink (1999). IP Header Compression. RFC 2507.

Malkhi, D. and Reiter, M. (1997a). Byzantine quorum systems. In Proceedings of the 29th ACM Symposium in Theory of Computing, pages 569–578.

Malkhi, D. and Reiter, M. (1997b). Unreliable intrusion detection in distributed computations. In Proceedings of the 10th Computer Security Foundations Workshop, pages 116–124.

Malkhi, D. and Reiter, M. (1998a). Byzantine quorum systems. Distributed Computing, 11:203–213.

Malkhi, D. and Reiter, M. (1998b). Secure and scalable replication in Phalanx. In Proceedings of the 17th IEEE Symposium on Reliable Distributed Systems.

Malkhi, D. and Reiter, M. K. (2000). An architecture for survivable coordination in large distributed systems. IEEE Transactions on Knowledge and Data Engineering, 12(2):187–202.

Malkhi, D., Reiter, M., and Wool, A. (1997). The load and availability of Byzantine quorum systems. In Proceedings of the 16th ACM Symposium on Principles of Distributed Computing, pages 249–257.

Mankin, A., Massey, D., Wu, C.-L., Wu, S. F. e Zhang, L. (2001). On Design and Evaluation of “Intention-Driven” ICMP Traceback. Em Proceedings of the IEEE ICCCN 2001 Conference, Scottsdale, AZ, EUA.

Markham, T., Meredith, L., and Payne, C. (2003). Distributed embedded firewalls with virtual private groups. In DARPA Information Survivability Conference and Exposition - Volume II.

Marsh, M. A. and Schneider, F. B. (2004). CODEX: A robust and secure secret distribution system. IEEE Transactions on Dependable and Secure Computing, 1(1):34–47.

Martin, J. P. and Alvisi, L. (2004). A framework for dynamic Byzantine storage. In Proceedings of the IEEE International Conference on Dependable Systems and Networks, pages 325–334.

Martin, J. P. and Alvisi, L. (2005). Fast Byzantine consensus. In Proceedings of the IEEE International Conference on Dependable Systems and Networks.

Martin, J. P., Alvisi, L., and Dahlin, M. (2002a). Minimal Byzantine storage. In Proceedings of the 16th International Conference on Distributed Computing, volume 2508 of LNCS, pages 311–325. Springer-Verlag.

Martin, J. P., Alvisi, L., and Dahlin, M. (2002b). Small Byzantine quorum systems. In Proceedings of the International Conference on Dependable Systems and Networks, pages 374–383.

Menezes, A. J., Oorschot, P. C. V., and Vanstone, S. A. (1997). Handbook of Applied Cryptography. CRC Press.

Menezes, A. J., Vanstone, S. A., and Oorschot, P. C. V. (1996). Handbook of Applied Cryptography. CRC Press, Inc., Boca Raton, FL, USA.

Microsoft (2002). Stop 0A in Tcpip.sys When Receiving Out Of Band (OOB) Data. Microsoft Corporation. http://support.microsoft.com/kb/q143478.

Microsoft (2005). Microsoft Network - MSN. http://messenger.msn.com/.

Mirkovic, J. e Reiher, P. (2004). A Taxonomy of DDoS Attack and DDoS Defense Mechanisms. ACM SIGCOMM Computer Communications Review, 34(2):39–53.

Mirkovic, J., Dietrich, S., Dittrich, D. e Reiher, P. (2004). Internet Denial of Service: Attack and Defense Mechanisms. Prentice Hall PTR, 1a edição.

Mitzenmacher, M. (2002). Compressed Bloom Filters. IEEE/ACM Transactions on Networking, 10(5):604–612.

Moore, D., Voelker, G. e Savage, S. (2001). Inferring Internet Denial of Service Activity. Em Proceedings of the 2001 USENIX Security Symposium, Washington, DC, EUA.

Moser, L. E. and Melliar-Smith, P. M. (1999). Byzantine-resistant total ordering algorithms. Information and Computation, 150:75–111.

Moser, L. E., Melliar-Smith, P. M., and Narasimhan, N. (2000). The SecureGroup communication system. In Proceedings of the IEEE Information Survivability Conference, pages 507–516.

MyGrid/OurGrid (2005). http://www.ourgrid.org.

Naor, M. andWool, A. (1996). Access control and signatures via quorum secret sharing. In Proceedings of the 3rd ACM Conference on Computer and Communications Security, pages 157–168.

Neves, N. F., Correia, M., and Veríssimo, P. (2005). Solving vector consensus with a wormhole. IEEE Transactions on Parallel and Distributed Systems. Accepted for publication.

Nicol, D. M., Sanders, W. H., and Trivedi, K. S. (2004). Modelbased evaluation: From dependability to security. IEEE Transactions on Dependable and Secure Computing, 1(1):48–65.

NIST SP-800-12 (1995). An introduction to computer security: The NIST handbook. Special Publication SP 800-12, National Institute of Standards and Technology (NIST).

Obelheiro, R. R., Bessani, A. N., Fraga, J. S., and Lung, L. C. (2005). Analisando a viabilidade da implementação prática de sistemas tolerantes a intrusões. In Anais do 5º Simpósio Brasileiro de Segurança.

Ostrovsky, R. and Yung, M. (1991). How to withstand mobile virus attacks. In Proceedings of the 19th ACM Symposium on Principles of Distributed Computing, pages 51–59.

Park, K. e Lee, H. (2001). On the Effectiveness of Probabilistic Packet Marking for IP Traceback under Denial of Service Attack. Em Proceedings of the IEEE INFOCOM 2001 Conference, Anchorage, AK, EUA.

Pearlman, L.,Welch, V., Foster, I., Kesselman, C., and Tuecke, S. (2002). A community authorization service for group collaboration. In POLICY ’02: Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY’02), pages 50–59, Washington, DC, USA. IEEE Computer Society.

Perkins, C. E. (2002). IP Mobility Support for IPv4. RFC 3220.

Postel, J. (1981). Internet Protocol. RFC 791.

Postel, J. (1983). Character Generator Protocol. RFC 864.

Rabin, M. O. (1983). Randomized Byzantine generals. In Proceedings of the 24th Annual IEEE Symposium on Foundations of Computer Science, pages 403–409.

Rabin, M. O. (1989). Efficient dispersal of information for security, load balancing, and fault tolerance. Journal of the ACM, 36(2):335–348.

Ramachandran, J. (2002). Designing security architecture solutions. John Wiley & Sons, Inc., New York, NY, USA.

Ramasamy, H., Pandey, P., Lyons, J., Cukier, M., and Sanders, W. H. (2002). Quantifying the cost of providing intrusion tolerance in group communication systems. In Proceedings of the International Conference on Dependable Systems and Networks, pages 229–238.

Reiter, M. (1994). Secure agreement protocols: Reliable and atomic group multicast in Rampart. In Proceedings of the 2nd ACM Conference on Computer and Communications Security, pages 68–80.

Reiter, M. K. (1995). The Rampart toolkit for building high-integrity services. In Theory and Practice in Distributed Systems, volume 938 of Lecture Notes in Computer Science, pages 99–110. Springer-Verlag.

Reuters (2004). Scotland Yard and the case of the rent-a-zombies. ZDNet. com. http://news.zdnet.com/2100-1009_22-5260154.html.

Rivest, R. L. and Lampson, B. (1996). SDSI – A simple distributed security infrastructure. Presented at CRYPTO’96 Rumpsession.

Rivest, R. L., Shamir, A., and Adleman, L. M. (1978). A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):120–126.

Sahami, M., Dumais, S., Heckerman, D. e Horvitz, E. (1998). A bayesian approach to filtering junk E-mail. Em Learning for Text Categorization: Papers from the 1998 Workshop, Madison, WI, EUA. AAAI Technical Report WS-98-05.

Santos-Neto, E. and Cirne, W. (2005). Minicurso: Livro Texto, chapter Grids Computacionais: Da Computação de Alto Desempenho a Serviços sob Demanda, pages 15–60. Sociedade Brasileira de Redes de Computadores.

Savage, S., Wetherall, D., Karlin, A. e Anderson, T. (2001). Network Support for IP Traceback. IEEE/ACM Transactions on Networking, 9(3):226–237.

Schneider, F. B. (1990). Implementing faul-tolerant services using the state machine approach: A tutorial. ACM Computing Surveys, 22(4):299–319.

Schuba, C. L., Krsul, I. V., Kuhn, M. G., Spafford, E. H., Sundaram, A. e Zamboni, D. (1997). Analysis of a Denial of Service Attack on TCP. Em Proceedings of the 1997 IEEE Symposium on Security and Privacy, páginas 208–223, Oakland, CA, EUA.

Sesame (2003). Secure European System for Applications in a Multivendor Environment. https://www.cosic.esat.kuleuven.ac.be/sesame/.

Shachtman, N. (2003). Porn Purveyors Getting Squeezed. Wired News. http://wired-vig.wired.com/news/print/0,1294,59574,00.html.

Shamir, A. (1979). How to share a secret. Communications of the ACM, 22(1):612–613.

Singh, S., Cukier, M., and Sanders, W. H. (2003). Probabilistic validation of an intrusion-tolerant replication system. In Proceedings of the International Conference on Dependable Systems and Networks, pages 615–624.

Sinha, P. K. (1996). Distributed Operating Systems: Concepts and Design. Wiley-IEEE Press.

Snoeren, A. C., Partridge, C., Sanchez, L. A., Jones, C. E., Tchakountio, F., Kent, S. T. e Strayer, W. T. (2001). Hash-Based IP Traceback. Em Proceedings of the ACM SIGCOMM’01 Conference, páginas 3–14, San Diego, CA, EUA.

Snoeren, A. C., Partridge, C., Sanchez, L. A., Jones, C. E., Tchakountio, F., Schwartz, B., Kent, S. T. e Strayer, W. T. (2002). Single-Packet IP Traceback. IEEE/ACM Transactions on Networking, 10(6):721–734.

Song, D. X. e Perrig, A. (2001). Advanced and Authenticated Marking Schemes for IP Traceback. Em Proceedings of the IEEE INFOCOM 2001 Conference, Anchorage, AK, EUA.

Sousa, P., Neves, N. F., and Verissimo, P. (2005a). How resilient are distributed f fault/intrusion-tolerant systems? In Proceedings of the IEEE International Conference on Dependable Systems and Networks.

Sousa, P., Neves, N. F., and Veríssimo, P. (2005b). Proactive resilience through architectural hybridization. DI/FCUL TR 05–8, Department of Informatics, University of Lisbon.

SpamAssassin (2005). The apache spamassassin project. http://spamassassin.apache.org/.

Spammer-X, Posluns, J. e Sjouwerman, S. (2004). Inside the SPAM Cartel: Trade Secrets from the Dark Side. Syngress Publishing, 1a edição.

Stallings, W. (2002). Network Security Essentials: Applications and Standards. Prentice Hall Professional Technical Reference.

Stevens, F., Courtney, T., Singh, S., Agbaria, A., Meyer, J. F., Sanders, W. H., and Pal, P. (2004). Model-based validation of an intrusion-tolerant information system. In Proceedings of the 23rd IEEE Symposium on Reliable Distributed Systems, pages 184–194.

Stone, R. (2000). CenterTrack: An IP Overlay Network for Tracking DoS Floods. Em 9th USENIX Security Symposium, páginas 199–212, Denver, CO, EUA.

Tanenbaum, A. S. and Steen, M. V. (2002). Distributed Systems. Principles and Paradigms. Prentince Hall.

Terada, R. (2000). Segurança de Dados. Criptografia em Redes de Computadores. Editora Edgard Blücher Ltda.

Turner, D., Entwisle, S., Friedrichs, O., Hanson, D., Fossi, M., Ahmad, D., Gordon, S., Szor, P., and Chien, E. (2004). Symantec Internet security threat report. Trends for January 1, 2004 – June 30, 2004. Volume VI.

US-CERT (2005). Vulnerability Note VU#222750: TCP/IP Implementations Do Not Adequately Validate ICMP Error Messages. http://www.kb.cert.org/vuls/id/222750.

Veríssimo, P. (2003). Uncertainty and predictability: Can they be reconciled? In Future Directions in Distributed Computing, volume 2584 of Lecture Notes in Computer Science, pages 108–113. Springer-Verlag.

Veríssimo, P. and Casimiro, A. (2002). The Timely Computing Base model and architecture. IEEE Transactions on Computers, 51(8):916-930.

Veríssimo, P. and de Lemos, R. (1989). Confiança no funcionamento: Proposta para uma terminologia em português. Technical Report RT48-89, INESC.

Veríssimo, P. and Rodrigues, L. (2001). Distributed Systems for System Architects. Kluwer Academic Publishers.

Veríssimo, P., Neves, N. F., and Correia, M. (2000). The middleware architecture of MAFTIA: A blueprint. In Proceedings of the Third IEEE Information Survivability Workshop.

Veríssimo, P., Neves, N. F., and Correia, M. (2003). Intrusiontolerant architectures: Concepts and design. In Lemos, R., Gacek, C., and Romanovsky, A., editors, Architecting Dependable Systems, volume 2677 of Lecture Notes in Computer Science, pages 3–36. Springer-Verlag.

Viega, J. and McGraw, G. (2002). Building Secure Software. Addison Wesley.

W3C (2000). Simple Object Access Protocol (SOAP) 1.1. URL: http://www.w3c.org/TR/SOAP.

Wagner, J. (2002). Dealing With Massive Attack: DNS Protection. Internetnews. com. http://www.internetnews.com/dev-news/article.php/1487331.

Wang, D., Madan, B., and Trivedi, K. (2003). Security analysis of the SITAR intrusion tolerance system. In Proceedings of the ACMWorkshop on Survivable and Self-Regenerative Systems, pages 23–32.

Wang, F., Gong, F., Sargor, C., Goseva-Popstojana, K., Trivedi, K., and Jou, F. (2001). SITAR: A scalable intrusion tolerance architecture for distributed services. In Proceedings of the IEEE Second SMC Information Assurance Workshop, pages 38–45.

Watson, P. A. (2004). Slipping in the Window: TCP Reset Attacks. Em 2004 CanSecWest Conference, Vancouver, Canadá.

Welch, V., Foster, I., Kesselman, C., Mulmo, O., Pearlman, L., Tuecke, S., Gawor, J., Meder, S., and Siebenlist, F. (2004). X.509 proxy certificates for dynamic delegation. NIST Gaithersburg MD, USA.

Xavier, F. C. (2004). Um sistema de autorização baseado em uma infraestrutura de gerenciamento de privilégio. Tese de mestrado, IME/USP.

Yin, J., Martin, J., Venkataramani, A., Alvisi, L., and Dahlin, M. (2003). Separating agreement from execution for Byzantine fault tolerant services. In Proceedings of the 19th ACM Symposium on Operating Systems Principles, pages 253–267.

Zhou, L., Schneider, F., and van Renesse, R. (2002a). COCA: A secure distributed on-line certification authority. ACM Transactions on Computer Systems, 20(4):329–368.

Zhou, L., Schneider, F., and van Renesse, R. (2002b). Proactive secret sharing in asynchronous systems. TR 1877, Cornell University.