The Starfish System

Overview

The Starfish system is a new system currently under development that provides intrusion detection and intrusion tolerance for middleware applications operating in a distributed asynchronous system. The Starfish system contains a central, highly secure and tightly coupled "body." This body is augmented by "arms" that are less tightly coupled and that have less stringent security guarantees, each of which can be removed from the body if a significant security breach occurs. New arms can be "grown" as needed [1].

We are implementing Starfish module by module, beginning with the underlying group communication protocols, and in so doing are developing tools, techniques, and mechanisms that can be deployed in a wide range of survivable systems to increase the security, reliability, and quality of service provided. The group communication protocols Starblab and StarblabIT, a userspace file system StarblabFS, and a national surveillance application Staralert are described on our development page. We are subjecting our system to rigorous performance testing and measurement, and we are also developing applications to aid in the evaluation of our system and techniques.

[1] Starfish are known to have small bodies, out of which spring forth a varying number of arms, which break off when damaged. These arms subsequently heal and re-grow.

Starfish is supported by the National Science Foundation under grant number 0534167 in the Cyber Trust Program.

People

Westmont Faculty

Kim P. Kihlstrom

Current Westmont Students

Kelsey Marshman ('11)
Robin Elliott ('10)
Aaryn Smith ('10)

Prior Westmont Students

Toby Lounsbury ('10)
Adrian Rogers ('09)
Joel Stewart ('08)
Mike Magnuson ('07)
Stephen Raub ('07)
Daniel Shank ('06)
Brad Jensen ('06)
Kerby Johnson ('05)
Chris Phillips ('05)
Chris Ritchey ('04)
Ben LaBarbera ('04)

Collaborations

The Starfish system is a collaborative effort with Professor Priya Narasimhan of Carnegie Mellon University.

Starfish System Website at Carnegie Mellon

Publications

K. P. Kihlstrom, R. S. Elliott, K. A. Marshman, and A. C. Smith, Intrusion-Tolerant Dissemination in Large-Scale Systems, in Proceedings of the 2008 International Conference on Parallel and Distributed Processing Techniques and Applications, Las Vegas, Nevada, July 2008, to appear
K. P. Kihlstrom, J. L. Stewart, N. T. Lounsbury, A. J. Rogers, and M. C. Magnuson, Implementation and Performance Testing of a Gossip-Based Communication System, in Proceedings of the 19th IASTED International Conference on Parallel and Distributed Computing and Systems, Cambridge, MA, November 2007, pp. 194-199
K. P. Kihlstrom, P. Narasimhan, C. Phillips, C. Ritchey, and B. LaBarbera, The Architecture of the Starfish System: Mapping the Survivability Space, in Proceedings of the IASTED International Conference on Parallel and Distributed Computing and Systems, Marina del Rey, California, November 2003, pp. 833-843
PowerPoint slides from PDCS 2003
K. P. Kihlstrom and P. Narasimhan, The Starfish System: Providing Intrusion Detection and Intrusion Tolerance for Middleware Systems, in Proceedings of the IEEE Workshop on Object-Oriented Real-Time Dependable Systems (WORDS) (invited for presentation), Guadalajara, Mexico, January 2003, pp. 191-199
PowerPoint slides from WORDS 2003