Title
Mitigation Of Insider Risks Using Distributed Agent Detection, Filtering, And Signaling
Keywords
File systems management; Multiagent systems; Network-level security and protection; Security kernels; User profiles and alert services
Abstract
An insider-robust approach to file integrity verification is developed using interacting strata of mobile agents. Previous approaches relied upon monolithic architectures, or more recently, agent frameworks using a centralized control mechanism or common reporting repository. However, any such distinct tampering-point introduces vulnerabilities, especially from knowledgeable insiders capable of abusing security-critical resources. In the Collaborative Object Notification Framework for Insider Defense using Autonomous Network Transactions (CONFIDANT), the mechanisms for tampering detection, decision-making, and alert signaling are distributed and corroborated by autonomous agents. In this paper, the CONFIDANT file integrity verification framework is presented focusing on insider defense aspects. User capability classes are defined and critical physical tampering points in intrusion detection architectures are identified. CONFIDANT mitigation techniques of insider tampering exposures and example scenarios are presented.
Publication Date
12-1-2006
Publication Title
International Journal of Network Security
Volume
2
Issue
2
Number of Pages
141-149
Document Type
Article
Personal Identifier
scopus
Copyright Status
Unknown
Scopus ID
56749085032 (Scopus)
Source API URL
https://api.elsevier.com/content/abstract/scopus_id/56749085032
STARS Citation
Rocke, Adam J. and DeMara, Ronald F., "Mitigation Of Insider Risks Using Distributed Agent Detection, Filtering, And Signaling" (2006). Scopus Export 2000s. 7439.
https://stars.library.ucf.edu/scopus2000/7439