The trust management framework for peer-to-peer networks

Popularity of peer-to-peer (P2P) networks exposed a number of security vulnerabilities. Among those is a problem of finding reliable communication partners. In this thesis, we present an integrated trust framework for peer-to-peer networks that quantifies the trustworthiness of a peer via reputation-based trust mechanism and anomaly detection techniques. As opposed to other known techniques in P2P networks, our trust management schema is fully decentralized and does not rely on the co-operation of peers. Furthermore, the reputation computation is based on traffic coming from other peers. We also describe an anomaly detection procedure that analyses peer activity on the network and flags potentially malicious behavior by detecting deviation from peer profile. We present integration of our anomaly detection to trust management scheme and study the performance of reputation-based approach using implementation and performance of trust framework through simulation

A Multilevel Secure Relational Database Model with key-polyinstantiation

In multilevel security there is a hierarchy of users or user-levels, in which each user has its own version of information. Most of the existing multilevel secure (MLS) data models support u-polyinstantiation. The only model that supports key-polyinstantiation was proposed by Gadia et al[GS1998, JS1990, CG1995], but work on it remains incomplete. It is important for a model to support key-polyinstantiation because in the real world it is often the case that an object varies in its key value(s) (such as name, SSN, identification number etc.) when it occurs in the beliefs of different users. Thus having a unique key across beliefs limits our ability to accurately model the real world. Our work focuses on the relational database model, supports key-polyinstantiation and has semantics defined in an SQL-like format since most database users are experienced in using SQL and hence such semantics are intuitive and easy to understand

The Complete MLSK Model - incorporation of lattice operations and XML implementation

Many multilevel security relational models have been proposed and different models offer different advantages. In this paper, we adapt and refine some of the best ideas from these models and add new ones of own to extend our Multilevel Security with Key-polyinstantiation (MLSK) relational model. MLSK now supports relational algebra and user lattice manipulations while ensuring that the soundness, completeness and security that it originally guaranteed are not compromised. We also implement MLSK in a non-relational scenario, thereby demonstrating the extensibility of the model to other environments

The Methodology for Evaluating Response Cost for Intrusion Response Systems

Recent advances in the field of intrusion detection brought new requirements to intrusion prevention and response. Traditionally, the response to the detected attack was selected and deployed manually, in the recent years the focus has shifted towards developing automated and semi-automated methodologies for responding to intrusions. In this context, the cost-sensitive intrusion response models have gained the most interest mainly due to their emphasis on the balance between potential damage incurred by the intrusion and cost of the response. However, one of the challenges in applying this approach is defining consistent and adaptable measurement of these cost factors on the basis of requirements and policy of the system being protected against intrusions. In this paper we present a structured methodology for evaluating cost of responses based on three factors: the response operational cost associated with the daily maintenance of the response, the response goodness that measures the applicability of the selected response for a detected intrusion and the response impact on the system that refers to the possible response effect on the system functionality. The proposed approach provides consistent basis for response evaluation across different systems while incorporating security policy and properties of specific system environment. We demonstrate the advantages of the proposed cost model and evaluate it on the example of three systems

Application-layer denial of service attacks: taxonomy and survey

The recent escalation of application-layer denial of service (DoS) attacks has attracted a significant interest of the security research community. Since application-layer DoS attacks usually do not manifest themselves at the network level, they avoid traditional network-layer-based detection. Therefore, the security community has focused on specialised application-layer DoS attacks detection and mitigation mechanisms. However, the deployment of reliable and efficient defence mechanisms against these attacks requires the comprehensive understanding of the existing application-layer DoS attacks supported by a unified terminology. Thus, in this paper we address this issue and devise a taxonomy of application-layer DoS attacks. By devising the proposed taxonomy, we intend to give researchers a better understanding of these attacks and provide a foundation for organising research efforts within this specific field