Two principal components for providing protection in large-scale distributed systems are Byzantine fault-tolerance (BFT) and intrusion detection systems (IDS). BFT is used to implement strictly consistent replication of state in the face of arbitrary failures, including those introduced by malware and Internet pathogens. Intrusion detection relates to a broad set of services that detect events that could indicate the presence of an ongoing attack. But BFT traditionally suffers from high latency and replication requirements. But as these two components approach system security differently, we believe that intrusion detection has the potential to has the potential to improve BFT. The integration of these two efforts, at both the fundamental and system levels, is the theme of this research effort.
More information is available at the UC Davis BFT+IDS project web site.