Using Hierarchical Change Mining to Manage Network Security Policy Evolution
Authors
Abstract
Managing the security of complex cloud and networked computing environments requires crafting security policy—ranging from natural-language text to highly-structured configuration rules, sometimes multi-layered—specifying correct system behavior in an adversarial environment. Since environments change and evolve, managing security requires managing evolution of policies, which adds another layer, the change log. However, evolution increases complexity, and the more complex a policy, the harder it is to manage and update, and the more prone it is to be incorrect. This paper proposes hierarchical change mining, drawing upon the tools of software engineering and data mining, to help practitioners introduce fewer errors when they update policy. We discuss our approach and initial findings based on two longitudinal real-world datasets: low-level router configurations from Dartmouth College and high-level Public Key Infrastructure (PKI) certificate policies from the International Grid Trust Federation (IGTF).
Similar resources
Network Risk Evaluation by Data Mining
Risk management is one of the most prominent concepts which has recently been brought into sharp focus regarding security issues in computer networks. Scientifically speaking, risk in the field of network security is a generalized matter leading the organization to the provision of resolutions which target resources and profits of the organization. This paper has discussed what methods are ...
DDDAS/ITR: A Data Mining and Exploration Middleware for Grid and Distributed Computing
We describe our project that marries data mining together with Grid computing. Specifically, we focus on one data mining application, the Minnesota Intrusion Detection System (MINDS), which uses a suite of data mining based algorithms to address different aspects of cyber security including malicious activities such as denial-of-service (DoS) traffic, worms, policy violations and inside abuse. M...
Network Governance in Cyber Security Research Institutions
Governments change their governance style according to social, political and economic conditions. Cyber security technology is among today’s most changeable technologies, which is a critical key to the national security. Because of the weaknesses in the interaction among cyber security research organizations, introducing a model for utilizing all existing capabilities can be an appro...
Policy Mining : a Bottom-Up Approach Toward Network Security Management. (Techniques de rôle mining pour la gestion de politiques de sécurité : application à l'administration de la sécurité réseau)
Today’s corporations rely entirely on their information systems, usually connected to the Internet. Network access control, mainly ensured by firewalls, has become a paramount necessity. Yet, the management of manually configured firewall rules is complex, error prone, and costly for large networks. Using high abstract models such as the Role Based Access Control (RBAC) model has proved to be e...