| 题名 |
Mitigation of Insider Risks Using Distributed Agent Detection, Filtering, and Signaling |
| DOI |
10.6633/IJNS.200603.2(2).09 |
| 作者 |
Adam J. Rocke;Ronald F. DeMara |
| 关键词 |
File systems management ; multiagent systems ; network-level security and protection ; security kernels ; user profiles and alert services |
| 期刊名称 |
International Journal of Network Security |
| 卷期/出版年月 |
2卷2期(2006 / 03 / 01) |
| 页次 |
141 - 149 |
| 内容语文 |
英文 |
| 英文摘要 |
An insider-robust approach to file integrity verification is developed using interacting strata of mobile agents. Previous approaches relied upon monolithic architectures, or more recently, agent frameworks using a centralized control mechanism or common reporting repository. However, any such distinct tampering-point introduces vulnerabilities, especially from knowledgeable insiders capable of abusing security-critical resources. In the Collaborative Object Notification Framework for Insider Defense using Autonomous Network Transactions (CONFIDANT), the mechanisms for tampering detection, decision-making, and alert signaling are distributed and corroborated by autonomous agents. In this paper, the CONFIDANT file integrity verification framework is presented focusing on insider defense aspects. User capability classes are defined and critical physical tampering points in intrusion detection architectures are identified. CONFIDANT mitigation techniques of insider tampering exposures and example scenarios are presented. |
| 主题分类 |
基礎與應用科學 >
資訊科學 |
| 被引用次数 |
