
Defeating the insider threat via autonomic network capabilities

2 Author(s)
Sibai, Faisal M. ; Dept. of Comput. Sci., George Mason Univ., Fairfax, VA, USA ; Menasce, D.

There has been a constantly growing security concern about insider attacks on network-accessible computer systems. Users with power credentials can do almost anything they want with the systems they own, with very little control or oversight. Most breaches occurring nowadays by power users are considered legitimate access and not necessarily intrusions. Developing a solution for such a problem is challenging because power users need flexible requirements to administer or maintain their systems. The increased usage of virtual environments, virtual systems, teleworking, and remote usage has made network access the preferred method for system administration. This paper presents (1) the Autonomic Violation Prevention System (AVPS), a framework that provides a solution to this problem and meets the above-mentioned challenges, and (2) a proof-of-concept prototype that embeds self-protection capabilities into traditional Network Intrusion Prevention Systems (NIPS). AVPS focuses on self-protection against security policy violations instead of malware, vulnerability, or exploit intrusions. AVPS heavily enforces separation of duties and promotes scalability, ease of use, and manageability. The proof-of-concept prototype uses Snort in-line NIPS with our own customizations.

Published in:

Communication Systems and Networks (COMSNETS), 2011 Third International Conference on

Date of Conference:

4-8 Jan. 2011