You are here

APECS

Title: APECS: A Dynamic Framework for Preventing and Mitigating Theft, Loss, and Leakage of Mission Critical Information in Trust Management Networks.
188 views
134 downloads
Name(s): Redwood, W. Owen, author
Burmester, Mike, professor directing thesis
Aggarwal, Sudhir, committee member
Yuan, Xin, committee member
Department of Computer Science, degree granting department
Florida State University, degree granting institution
Type of Resource: text
Genre: Text
Issuance: monographic
Date Issued: 2011
Publisher: Florida State University
Place of Publication: Tallahassee, Florida
Physical Form: computer
online resource
Extent: 1 online resource
Language(s): English
Abstract/Description: Existing solutions that address data loss, theft, and corruption of information and resources in networks rely on deep content analysis, central policy management, and attempt to achieve broad content protection across multiple platforms and locations [47]. These solutions unfortunately are designed to protect against careless users and very unsophisticated malicious insiders. Consequentially they are trivial to defeat with simple obfuscation. This thesis outlines the flaws with existing approaches and borrows lessons and techniques from related security systems in order to propose a novel approach on policies and mechanisms that are more ideally suited for addressing this problem. This thesis describes the design, implementation, and analysis of real-time statistical (Markov chain and Bayesian) analyzers (extending work of [24, 14, 28, 33, 40, 55]) for network anomaly detection to trigger novel policy-based temporal resource access-disruption mechanisms (extending the work of [12, 13, 41]). These temporal resource access-disruption mechanisms (aka Rollback-access mechanisms) dynamically mitigate the risk of security-critical file distribution by rolling back the granted access to the aforementioned files upon detecting that the user is a perceived threat. The analyzer design goals are: to minimize the consequences of anomalous behavior, to make the analyzer resist Denial of Service(DoS) attacks, to have a real-time response time to anomalies, and to deal with network threats without seriously disrupting services. The resultant temporal access-disruption mechanisms provides for an unprecedented resilience to resource-centric attacks. Additionally, we present some experimental results, which demonstrate the potential of the aforementioned mechanism. Finally, it is important to note that while this thesis extends existing work [12, 13], it addresses only one of many aspects that are necessary to actually implement such systems.
Identifier: FSU_migr_etd-1914 (IID)
Submitted Note: A Thesis Submitted to the Department of Computer Science in Partial Fulfillment of the Requirements for the Degree of Master of Science.
Degree Awarded: Spring Semester, 2011.
Date of Defense: December 8, 2010.
Keywords: Trust Management, Insider Threats
Bibliography Note: Includes bibliographical references.
Advisory committee: Mike Burmester, Professor Directing Thesis; Sudhir Aggarwal, Committee Member; Xin Yuan, Committee Member.
Subject(s): Computer science
Persistent Link to This Record: http://purl.flvc.org/fsu/fd/FSU_migr_etd-1914
Owner Institution: FSU

Choose the citation style.
Redwood, W. O. (2011). APECS: A Dynamic Framework for Preventing and Mitigating Theft, Loss, and Leakage of Mission Critical Information in Trust Management Networks. Retrieved from http://purl.flvc.org/fsu/fd/FSU_migr_etd-1914