To address the challenges posed by dynamically evolving, cross-layer attacks in modern distributed systems, this paper proposes a Probabilistic Mobile Byzantine Fault (P-MBF) model that transcends traditional static or deterministic Byzantine assumptions. The model explicitly captures the stochastic propagation of attacks across nodes and the system’s autonomous recovery as a coupled process. Integrated into the analysis component of the MAPE-K autonomic architecture, it enables real-time security situational assessment and policy-driven dynamic reconfiguration. We theoretically derive expected time thresholds for system transitions to safe or hazardous states; stochastic modeling and simulation validate the model’s sensitivity and effectiveness under varying infection and recovery rates. Our key contribution is the first integration of probabilistic mobile fault modeling with closed-loop self-protection control, establishing a quantifiable and verifiable paradigm for resilient system design in dynamic adversarial environments.

Modern distributed systems face growing security threats, as attackers continuously enhance their skills and vulnerabilities span across the entire system stack, from hardware to the application layer. In the system design phase, fault tolerance techniques can be employed to safeguard systems. From a theoretical perspective, an attacker attempting to compromise a system can be abstracted by considering the presence of Byzantine processes in the system. Although this approach enhances the resilience of the distributed system, it introduces certain limitations regarding the accuracy of the model in reflecting real-world scenarios. In this paper, we consider a self-protecting distributed system based on the emph{Monitoring-Analyse-Plan-Execute over a shared Knowledge} (MAPE-K) architecture, and we propose a new probabilistic Mobile Byzantine Failure (MBF) that can be plugged into the Analysis component. Our new model captures the dynamics of evolving attacks and can be used to drive the self-protection and reconfiguration strategy. We analyze mathematically the time that it takes until the number of Byzantine nodes crosses given thresholds, or for the system to self-recover back into a safe state, depending on the rates of Byzantine infection spreading emph{vs.} the rate of self-recovery. We also provide simulation results that illustrate the behavior of the system under such assumptions.