Surviving Information Warfare Attacks

Sushil Jajodia, Paul Ammann, and Catherine D. McCollum

The past few years have seen governmental, military, and commercial organizations widely adopt Web-based commercial technologies because of their convenience, ease of use, and ability to take advantage of rapid advances in the commercial market. With this increasing reliance on internetworked computer resources comes an increasing vulnerability to information warfare.

In today's heavily networked environment, safety demands protection from both obvious and subtle intrusions that can delete or corrupt vital data. Traditionally, information systems security focuses primarily on prevention: putting controls and mechanisms in place that protect confidentiality, integrity, and availability by stopping users from doing bad things. Moreover, most mechanisms are powerless against misbehavior by legitimate users who perform functions for which they are authorized: the so-called "insider threat." Many network-based attacks, such as password sniffing and session hijacking, allow an attacker to masquerade as a legitimate user.

Although, ultimately, preventing malicious attacks from succeeding is key, not all attacks can be averted at the outset. The goal therefore should be to develop an adaptable system that maintains maximum availability even when under attack: At any time, healthy components of the system remain available while damaged components have either limited or no availability.

Computer, Vol. 32, No. 4, April 1999
Copyright (c) 1999 Institute of Electrical and Electronics Engineers, Inc. All rights reserved.
