Skip to main content
Springer Nature Link
Log in

Autonomic Protection System Using Adaptive Security Policy

  • Conference paper
Computational Science and Its Applications – ICCSA 2004 (ICCSA 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3045))

Included in the following conference series:

Abstract

There are various techniques to safeguard computer systems and networks against illegal actions. Secure OS based on Role Based Access Control (RBAC) is one of the systems that reflect these techniques. The RBAC system controls access to system resources based on roles. Recently, many systems employ more fine-grained access control on system resources to enhance system security. However, this approach in access control level may cause unexpected problems, since most systems acquire system resources through system call that is hooked on kernel. In this paper, we propose a novel approach to Intrusion Detection System (IDS). The proposed Autonomic Protection System (APS) supports fine-grained intrusion detection. It resides above Secure OS based on RBAC that provides general-grained access control. The system detects intrusions using security policy based on RBAC model. The system performs double checking for intrusions using positive and negative intrusion detection policy. Additionally, as one of active responses, the system supports the self-adaptation of security policy depending on various computing environments. Therefore, the system can detect intrusions more accurately and respond to the attacks actively and appropriately.

This study was supported by the Brain Korea 21 Project in 2004.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Lin, A.: Integrating Policy-Driven Role Based Access Control with the Common Data Security Architecture. HP Labs Technical Reports, HPL-1999-59, 990430, External (1999)

    Google Scholar 

  2. Wright, C., Cowan, C., Morris, J., Smalley, S., Kroah-Hartman, G.: Linux Security Module Framework (2002), http://www.kroah.com/linux/talks/ols_2002_lsm_paper/lsm.pdf

  3. Overview: Cisco Administrative Policy Engine, http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cape/admin_gd/ovrvw_ad.htm

  4. Ferraiolo, D.F., Kuhn, D.R., Chandramouli, R.: Role-Based Access Control. Artech House, Inc., Norwood (2003)

    MATH  Google Scholar 

  5. Ghosh, A.K., Schwartzbard, A.: A study in using neural networks for anomaly and misuse detection. In: Proceeding of the 8th USENIX Security Symposium, Washington, D.C., USA, August 23-26 (1999)

    Google Scholar 

  6. Zhang, Z., Li, J., Manikopoulos, C.N., Jorgenson, J., Ucles, J.: HIDE: a Hierarchical Network Intrusion Detection System Using Statistical Preprocessing and Neural Network Classification. In: Proceedings of the 2001 IEEE Workshop on Information Assurance and Security United States Military Academy, West Point, NY (2001)

    Google Scholar 

  7. Chari, S.N., Cheng, P.-C.: BlueBox: A Policy-driven, Host-Based Intrusion Detection System. ACM Transactions on Information and System Security (TISSEC) 6(2), 173–200 (2003)

    Article  Google Scholar 

  8. Ganek, A.G., Corbi, T.A.: The dawning of the autonomic computing era. Ibm Systems Journal, Vol 42(1) (2003)

    Google Scholar 

  9. Mainsah, E.: Autonomic computing: the next era of computing. Electronics & Communication Engineering Journal (2002)

    Google Scholar 

  10. Kephart, J.O., Chess, D.M.: The Vision of Autonomic Computing. The IEEE Computer Society, Los Alamitos (2003)

    Google Scholar 

  11. Autonomic Computing Overview Questions & Answers, http://www.research.ibm.com/autonomic/overview/faqs.html

  12. Park, S.-h., Kim, W., Kim, D.-k.: Agent-Based Protection System in Autonomic Computing Environment. In: Proceedings of PRIMA 2003, pp. 117–128 (2003)

    Google Scholar 

  13. Stanger, J., Lane, P.T.: Hack Proofing Linux: A Guide to Open Source Security. Syngress Publishing Inc. (2001)

    Google Scholar 

  14. Foukia, N., Hassas, S., Hulaas, S.F.J.: An Intrusion Response An Intrusion Response Scheme: Tracking the Source Using the Stigmergy Paradigm. In: Proceedings of Security Of Mobile Multiagent Systems Ws, SEMAS 2002 (2002)

    Google Scholar 

  15. Carver Jr., C.A.: Intrusion Response Systems: A Survey. Department of Computer Science, Texas A&M University, College Station, TX 77843-3112, USA (2001)

    Google Scholar 

  16. Jansen, W., Mell, P., Karygiannis, T., Marks, D.: Mobile agents in intrusion detection and response. In: 12th Annual Canadian Information Technology Security Symposium, Ottowa, Canada (2000)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Graduate School of Information and Communication, Ajou University, Suwon, 443-749, Republic of Korea

    Sihn-hye Park

  2. College of Electronics and Information Engineering, Sejong University, Seoul, 143-747, Republic of Korea

    Wonil Kim

  3. College of Information Technology, Ajou University, Suwon, 443-749, Republic of Korea

    Dong-kyoo Kim

Authors
  1. Sihn-hye Park
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Wonil Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dong-kyoo Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Chemistry, University of Perugia, Via Elce di Sotto, 8, I-06123, Perugia, Italy

    Antonio Laganá

  2. Department of Computer Science, University of Calgary, 2500 University Drive N.W., T2N 1N4, Calgary, AB, Canada

    Marina L. Gavrilova

  3. William Norris Professor, Head of the Computer Science and Engineering Department, University of Minnesota, USA

    Vipin Kumar

  4. School of Computing, Soongsil University, Seoul, Korea

    Youngsong Mun

  5. OptimaNumerics Ltd., Cathedral House, 23-31 Waring Street, BT1 2DX, Belfast, UK

    C. J. Kenneth Tan

  6. Department of Mathematics and Computer Science, University of Perugia, via Vanvitelli, 1, I-06123, Perugia, Italy

    Osvaldo Gervasi

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Park, Sh., Kim, W., Kim, Dk. (2004). Autonomic Protection System Using Adaptive Security Policy. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds) Computational Science and Its Applications – ICCSA 2004. ICCSA 2004. Lecture Notes in Computer Science, vol 3045. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24767-8_94

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-24767-8_94

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-22057-2

  • Online ISBN: 978-3-540-24767-8

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics