File: Mirko_Montanari.pdf (application/pdf, 2MB)

Title: Limiting information exposure in multi-domain monitoring systems
Author(s): Montanari, Mirko
Director of Research: Campbell, Roy H.
Doctoral Committee Chair(s): Campbell, Roy H.
Doctoral Committee Member(s): Gunter, Carl A.; Sanders, William H.; Ou, Xinming
Department / Program: Computer Science
Discipline: Computer Science
Degree Granting Institution: University of Illinois at Urbana-Champaign
Subject(s): computer security; compliance monitoring; security monitoring; data sharing
Abstract: Security monitoring systems have been recognized as a fundamental component of security management, and they provide the fundamental building blocks of future reactive and autonomic systems that can automatically respond and adapt to changes in their environment. However, operating security monitoring systems in the complex environment of today's organizations is challenging. The complex structure of many organizations, the use of cloud computing, and the complexity of attacks require monitoring systems that can operate across organization boundaries to integrate many types of information. However, when multiple security domains are involved, privacy and confidentiality problems create challenges in integrating events across systems. Situational awareness can be impacted, and so can the ability of future systems to adapt to their environment. Our thesis is that the explicit definition of policies enables the design of multi-domain monitoring systems that protect the confidentiality and the integrity of the monitoring data. We focus on the problem of sharing discrete events across organizations for detecting violations of security policies. We identify several scenarios from real-world policies in which such multi-domain sharing is necessary. We introduce a novel architecture for monitoring multi-domain systems, and we introduce two complementary approaches for reducing the amount of information to share to a value close to the theoretical minimum. Our results show that our approaches have adequate performance in many monitoring scenarios and significantly reduce the amount of information to share. Finally, as security monitoring is a fundamental service in modern systems, we provide a security analysis of our architecture. We analyze the impact of attacks on the integrity, availability, and confidentiality of the monitoring data. We show that, in many cases, our monitoring system fails gracefully under attack, without causing the catastrophic security failures of centralized systems.
Issue Date: 2013-08-22
Rights Information: Copyright 2013 Mirko Montanari
Date Available in IDEALS: 2013-08-22
Date Deposited: 2013-08
