國立虎尾科技大學 |

Defeating Insider Attacks via Autonomic Self-Protective Networks.

紀錄類型:	書目-語言資料,手稿 : Monograph/item
正題名/作者:	Defeating Insider Attacks via Autonomic Self-Protective Networks./
作者:	Sibai, Faisal M.
面頁冊數:	1 online resource (139 pages)
附註:	Source: Dissertation Abstracts International, Volume: 73-08(E), Section: B.
標題:	Computer science. -
電子資源:	click for full text (PQDT)
ISBN:	9781267278180

Defeating Insider Attacks via Autonomic Self-Protective Networks.
Sibai, Faisal M.

Defeating Insider Attacks via Autonomic Self-Protective Networks. - 1 online resource (139 pages)

Source: Dissertation Abstracts International, Volume: 73-08(E), Section: B.

Thesis (Ph.D.)--George Mason University, 2012.

Includes bibliographical references

There has been a constant growing security concern with insider attacks on network accessible computer systems. Users with power credentials can do almost anything they want with the systems they own with very little control or oversight. Most breaches occurring nowadays by power users are considered legitimate access and not necessarily intrusions. Developing a solution for such problems is challenging because power users need flexible requirements to administer or maintain their systems. The increased usage of virtual environments, virtual systems, teleworking, and remote usage has made network access the preferred method for system administration.

Electronic reproduction.
Ann Arbor, Mich. :
ProQuest,
2018

Mode of access: World Wide Web

ISBN: 9781267278180Subjects--Topical Terms:

573171
Computer science.
Index Terms--Genre/Form:

554714
Electronic books.

Defeating Insider Attacks via Autonomic Self-Protective Networks.
LDR:03660ntm a2200361K 4500 001 915387
005 20180727125214.5
006 m o u
007 cr mn||||a|a||
008 190606s2012 xx obm 000 0 eng d
020 $a 9781267278180
035 $a (MiAaPQ)AAI3503962
035 $a (MiAaPQ)gmu:10014
035 $a AAI3503962
040 $a MiAaPQ $b eng $c MiAaPQ
100 1 $a Sibai, Faisal M. $3 1188720
245 1 0 $a Defeating Insider Attacks via Autonomic Self-Protective Networks.
264 0 $c 2012
300 $a 1 online resource (139 pages)
336 $a text $b txt $2 rdacontent
337 $a computer $b c $2 rdamedia
338 $a online resource $b cr $2 rdacarrier
500 $a Source: Dissertation Abstracts International, Volume: 73-08(E), Section: B.
500 $a Adviser: Daniel A. Menasce.
502 $a Thesis (Ph.D.)--George Mason University, 2012.
504 $a Includes bibliographical references
520 $a There has been a constant growing security concern with insider attacks on network accessible computer systems. Users with power credentials can do almost anything they want with the systems they own with very little control or oversight. Most breaches occurring nowadays by power users are considered legitimate access and not necessarily intrusions. Developing a solution for such problems is challenging because power users need flexible requirements to administer or maintain their systems. The increased usage of virtual environments, virtual systems, teleworking, and remote usage has made network access the preferred method for system administration.
520 $a This dissertation describes the design and implementation of a network Autonomic Violation Prevention System (AVPS) framework that is intended to defeat the insider threat in organizations. The AVPS sits between privileged users and applications. It monitors traffic that traverses the network and takes actions as needed. A proof of concept prototype for the system was developed in a virtualized environment. FTP and Telnet were part of the application testbed. Rules that pertain to privileged user administration were applied. Actions that were tested successfully included traffic monitoring, replacement, blocking, and dropping.
520 $a This work also examined the scalability of the AVPS design. An experimental testbed was built to obtain performance measures of the AVPS overhead, throughput, and response time. FTP, Database and Web servers were used in the application testbed. A variety of tests were performed including automated simultaneous transactions and manual simultaneous transactions. An M/M/N//M analytic queuing model was used to assess how well the AVPS system would perform for a finite population where the number of applications, users and AVPS engines vary under different load levels. The results showed that the AVPS exhibits a very low overhead and is therefore scalable.
520 $a The AVPS architecture design was further enhanced to automate how signatures are created. Autonomic self-protection capabilities were added into the framework by implementing high level rules that set the goal for how violations are detected and signatures are created. Supervised self-learning capabilities were added via the use of Support Vector Machines (SVM) in order to classify the raw data and make final decisions on what is considered a violation and what is considered normal insider behavior.
533 $a Electronic reproduction. $b Ann Arbor, Mich. : $c ProQuest, $d 2018
538 $a Mode of access: World Wide Web
650 4 $a Computer science. $3 573171
650 4 $a Information technology. $3 559429
655 7 $a Electronic books. $2 local $3 554714
690 $a 0984
690 $a 0489
710 2 $a ProQuest Information and Learning Co. $3 1178819
710 2 $a George Mason University. $b Computer Science. $3 1188721
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3503962 $z click for full text (PQDT)