Sciweavers

IJNSEC
2006

Mitigation of Insider Risks using Distributed Agent Detection, Filtering, and Signaling

14 years 13 days ago
Mitigation of Insider Risks using Distributed Agent Detection, Filtering, and Signaling
An insider-robust approach to file integrity verification is developed using interacting strata of mobile agents. Previous approaches relied upon monolithic architectures, or more recently, agent frameworks using a centralized control mechanism or common reporting repository. However, any such distinct tampering-point introduces vulnerabilities, especially from knowledgeable insiders capable of abusing security-critical resources. In the Collaborative Object Notification Framework for Insider Defense using Autonomous Network Transactions (CONFIDANT), the mechanisms for tampering detection, decision-making, and alert signaling are distributed and corroborated by autonomous agents. In this paper, the CONFIDANT file integrity verification framework is presented focusing on insider defense aspects. User capability classes are defined and critical physical tampering points in intrusion detection architectures are identified. CONFIDANT mitigation techniques of insider tampering exposures an...
Adam J. Rocke, Ronald F. DeMara
Added 12 Dec 2010
Updated 12 Dec 2010
Type Journal
Year 2006
Where IJNSEC
Authors Adam J. Rocke, Ronald F. DeMara
Comments (0)