Title :
SCIT and IDS architectures for reduced data ex-filtration
Author :
Nagarajan, Ajay ; Sood, Arun
Author_Institution :
Dept. of Comput. Sci., George Mason Univ., Fairfax, VA, USA
fDate :
June 28 2010-July 1 2010
Abstract :
Today´s approach to security is based on perimeter defense and relies heavily on firewalls, Intrusion detection systems (IDS) and Intrusion prevention systems. Despite years of research and investment in developing such reactive security methodologies, our critical systems remain vulnerable to cyber attacks. In our approach we assume that intrusions are inevitable and our effort is focused on minimizing losses. Towards this end we have introduced a recovery based limited exposure time system called Self Cleansing Intrusion Tolerance (SCIT). In this paper, we investigate architectures that combine SCIT architecture with existing IDS approaches. The effectiveness of SCIT and IDS security architectures in terms of minimizing data ex filtration losses is analyzed using decision trees and the results of Monte Carlo simulation is presented.
Keywords :
Monte Carlo methods; data analysis; decision trees; security of data; IDS security architecture; Monte Carlo simulation; decision trees; intrusion detection systems; intrusion prevention systems; recovery based limited exposure time system; reduced data ex-filtration; self cleansing intrusion tolerance; Computer architecture; Computer science; Computer security; Data security; Decision trees; Internet; Intrusion detection; Network servers; Protection; Web server;
Conference_Titel :
Dependable Systems and Networks Workshops (DSN-W), 2010 International Conference on
Conference_Location :
Chicago, IL
Print_ISBN :
978-1-4244-7729-6
Electronic_ISBN :
978-1-4244-7728-9
DOI :
10.1109/DSNW.2010.5542601
