| Network security becomes the key problem with the development and application of network. In order to resist the attacks from network, the computer security researchers proposed a lot of security technologies. These technologies mainly focused on preventing the systems from being attacked. But more and more newly emerged composite attacks, which appear faster than ever before, are more destructive to the systems, thus the systems'chance of being successfully compromised become much bigger. So, to guarantee the security of the systems cannot just depend on prevention. In recent years, a new network security technology comes forth, namely Intrusion Tolerance.Distributed Object Based Intrusion Tolerant System (ITDOS) has become one of the attractive research issues on Intrusion Tolerance. There have been many significant researches on the model of a heterogeneous intrusion tolerant distributed object system, but few of them focus on distributed object recovery strategy.This paper studied the IT technology from the following three aspects based on the civil and abroad research results, this paper presents a model of ITDOS based on middleware, CORBA, which base on the researches of the SITAR model, and presents a recovery strategy for ITDOS in this model. Compared with the traditional strategies, the objects, recovered by the recovery strategy, can resist the attack of the last to some extent. It is validated by experiment that the strategy correctly performs forward recovery; this paper presents a quick algorithm base on bottom-up for constructing classification tree. Construction of classification tree for increasing efficiency of ITDOS brought forward by the paper. It can decide whether the objects in the distributed systems are attacked and identify the attack kind by the classification tree's classifying and forecasting function. Decrease vote time and increase the efficiency of the recovery strategy; the theoretical analysis and experimental results show that the algorithm is great improved in space complexity and time complexity.Research on intrusion tolerance recovery strategy for distributed object system not only offers a new view and means for intrusion tolerance recovery strategy, but also enriches the research of distributed object system. |
