Please use this identifier to cite or link to this item:
|Title:||Enhancing host security using external environment sensors|
|Authors:||Chang, E.-C. |
|Citation:||Chang, E.-C., Lu, L., Wu, Y., Yap, R.H.C., Yu, J. (2011). Enhancing host security using external environment sensors. International Journal of Information Security 10 (5) : 285-299. ScholarBank@NUS Repository. https://doi.org/10.1007/s10207-011-0130-9|
|Abstract:||We propose a framework that uses (external) environment information to enhance computer security. The benefit of our framework is that the environment information is collected by sensors that are outside the control of a host and communicate to an external monitor via an out-of-band channel (w.r.t. the host), thus it cannot be compromised by malware on a host system. The information gathered still remains intact even if malware uses rootkit techniques to hide its activities. Our framework can be applied for a number of security applications: (1) intrusion detection; (2) rate monitoring/control of external resources; and (3) access control. We show that that the framework is useful even with coarse-grained and simple information. We present some experimental prototypes that employ the framework to detect/control email spam, detect/control DDoS zombie attacks and detect misuse of compute resources. Experimental evaluation shows that the framework is effecting in detecting or limiting the activities of such malware. The growing popularity of multimodal sensors and physical security information management systems suggests that such environmental sensors will become common making our framework cost effective and feasible in the near future. © 2011 Springer-Verlag.|
|Source Title:||International Journal of Information Security|
|Appears in Collections:||Staff Publications|
Show full item record
Files in This Item:
There are no files associated with this item.
checked on Feb 25, 2018
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.