Threat-adaptive systems; Byzantine fault-tolerant state machine replication; Resilient computing
Abstract :
Malicious and coordinated attacks are happening increasingly often, and have targeted critical systems such as nuclear plants, public transportation systems, hospitals and governments. Because critical infrastructures must be resilient against advanced and persistent threats, a common architecture of choice to mitigate those hazards is a distributed system, more specifically a Byzantine fault-tolerant state-machine replicated (BFT-SMR) system. In this PhD thesis, we propose solutions to critical challenges in the field of distributed systems, focusing on creating adaptive algorithms and protocols to strengthen the resilience of state-of-the-art systems. The first challenge is how to ensure the security and reliability of critical infrastructures against advanced and persistent attacks at various threat levels. To address this, we present ThreatAdaptive, a novel BFT-SMR protocol that automatically adapts to changes in the anticipated and observed threats in an unattended manner. ThreatAdaptive proactively reconfigures the system to cope with the faults that one needs to expect given the imminent threats. It thereby avoids the limitations of traditional BFT-SMR protocols, which require either a high fault threshold by design or a trusted external reconfiguration entity. Our results show that ThreatAdaptive meets the latency and throughput of BFT baselines while adapting 30% faster than previous methods, providing a more efficient and secure solution for critical infrastructures. The second challenge is how to optimize the performance of a distributed system in the presence of unreliable nodes. To address this, we propose a method for automatic reconfiguration based on a 3D virtual coordinate system (VCS) that allows correct nodes to detect and eliminate inconsistent latencies and protect system performance against Byzantine attacks. We evaluate our reconfiguration baseline, Geometric, on three real-world networking datasets and show that it protects performance up to 78% better than previous solutions and provides the closest representation of real-world connections. Our proposed solutions provide a more reliable and secure approach to automatic reconfiguration in distributed systems. Overall, this thesis makes a significant contribution to the field of distributed systems by proposing novel solutions to two critical challenges: ensuring the security and reliability of critical infrastructures and optimizing the performance of distributed systems in the presence of unreliable nodes.
Research center :
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Critical and Extreme Security and Dependability Research Group (CritiX)
Disciplines :
Computer science
Author, co-author :
SIMOES SILVA, Douglas ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > CritiX
Language :
English
Title :
Resilient Threat-Adaptive Consensus
Defense date :
29 August 2023
Institution :
Unilu - University of Luxembourg [Faculty of Science, Technology and Medicine (FSTM)], Esch sur Alzette, Luxembourg
Degree :
Docteur en Informatique (DIP_DOC_0006_B)
Promotor :
VÖLP, Marcus ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > CritiX
President :
FRIDGEN, Gilbert ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > FINATRAX
RYAN, Peter Y A ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
Jury member :
Yamir, Yair
Neves, Nuno
FnR Project :
FNR12694392 - Adaptive Byzantine Fault And Intrusion Tolerance, 2018 (01/07/2019-30/06/2022) - Marcus Völp