Some of the material in is restricted to members of the community. By logging in, you may be able to gain additional access to certain collections or items. If you have questions about access or logging in, please use the form on the Contact Page.
Redwood, W. O. (2011). APECS: A Dynamic Framework for Preventing and Mitigating Theft, Loss, and Leakage of Mission Critical Information in Trust Management Networks. Retrieved from http://purl.flvc.org/fsu/fd/FSU_migr_etd-1914
Existing solutions that address data loss, theft, and corruption of information and resources in networks rely on deep content analysis, central policy management, and attempt to achieve broad content protection across multiple platforms and locations [47]. These solutions unfortunately are designed to protect against careless users and very unsophisticated malicious insiders. Consequentially they are trivial to defeat with simple obfuscation. This thesis outlines the flaws with existing approaches and borrows lessons and techniques from related security systems in order to propose a novel approach on policies and mechanisms that are more ideally suited for addressing this problem. This thesis describes the design, implementation, and analysis of real-time statistical (Markov chain and Bayesian) analyzers (extending work of [24, 14, 28, 33, 40, 55]) for network anomaly detection to trigger novel policy-based temporal resource access-disruption mechanisms (extending the work of [12, 13, 41]). These temporal resource access-disruption mechanisms (aka Rollback-access mechanisms) dynamically mitigate the risk of security-critical file distribution by rolling back the granted access to the aforementioned files upon detecting that the user is a perceived threat. The analyzer design goals are: to minimize the consequences of anomalous behavior, to make the analyzer resist Denial of Service(DoS) attacks, to have a real-time response time to anomalies, and to deal with network threats without seriously disrupting services. The resultant temporal access-disruption mechanisms provides for an unprecedented resilience to resource-centric attacks. Additionally, we present some experimental results, which demonstrate the potential of the aforementioned mechanism. Finally, it is important to note that while this thesis extends existing work [12, 13], it addresses only one of many aspects that are necessary to actually implement such systems.
A Thesis Submitted to the Department of Computer Science in Partial Fulfillment of the Requirements for the Degree of Master of Science.
Bibliography Note
Includes bibliographical references.
Publisher
Florida State University
Identifier
FSU_migr_etd-1914
Use and Reproduction
This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s). The copyright in theses and dissertations completed at Florida State University is held by the students who author them.
Redwood, W. O. (2011). APECS: A Dynamic Framework for Preventing and Mitigating Theft, Loss, and Leakage of Mission Critical Information in Trust Management Networks. Retrieved from http://purl.flvc.org/fsu/fd/FSU_migr_etd-1914