In today's fast paced, infocentric environment, professionals increasingly rely on networked information technology to do business. Unfortunately, with the advent of such technology came new and complex problems that continue to threaten the availability, integrity, and confidentiality of our electronic information. It is therefore absolutely imperative to take measures to protect and defend information systems by ensuring their security and non-repudiation. Information Assurance skillfully addresses this issue by detailing the sufficient capacity networked systems need to operate while under attack, and itemizing failsafe design features such as alarms, restoration protocols, and management configurations to detect problems and automatically diagnose and respond. Moreover, this volume is unique in providing comprehensive coverage of both state-of-the-art survivability and security techniques, and the manner in which these two components interact to build robust Information Assurance (IA). KEY FEATURES* The first and (so far) only book to combine coverage of both security AND survivability in a networked information technology setting * Leading industry and academic researchers provide state-of-the-art survivability and security techniques and explain how these components interact in providing information assurance* Additional focus on security and survivability issues in wireless networks
Author(s): Yi Qian, David Tipper, Prashant Krishnamurthy, James Joshi
Year: 2007
Language: English
Pages: 577
Information Assurance......Page 8
Copyright Page......Page 9
Table of Contents......Page 12
Preface......Page 24
Contributors......Page 28
1.1 Introduction......Page 40
1.2 Information Assurance: Dependability and Security of Networked Information Systems......Page 42
1.3 Book Organization......Page 46
References......Page 53
Part I: Foundational Background on Security and Dependability Techniques......Page 56
2.2 Network Attacks and Security Issues......Page 58
2.3 Protection and Prevention......Page 66
2.4 Detection......Page 73
2.5 Assessment and Response......Page 75
References......Page 76
3.1 Introduction......Page 78
3.2 Identification and Authentication......Page 79
3.3 Access Control......Page 85
3.4 Access Control in Distributed Systems......Page 99
3.5 Digital Identity Management......Page 111
3.6 Conclusion......Page 115
References......Page 116
4.1 Introduction......Page 120
4.2 Prevention Techniques......Page 122
4.3 Survivable Network Design and Traffic Restoration Concepts......Page 123
4.4 Transport Network Recovery Techniques......Page 130
4.5 Survivable Network Design Techniques......Page 141
4.6 Multilayer Issues......Page 144
4.7 Conclusion and Future Research Areas......Page 146
References......Page 148
5.1 Introduction and Background......Page 152
5.2 Survivability and the Impact of Fault Models......Page 154
5.3 Design for Survivability......Page 158
5.4 Decentralized Storage......Page 165
5.5 Survivability of Large Distributed Systems......Page 167
5.6 Borrowing from Well-established Fields......Page 172
5.7 Conlusion......Page 180
References......Page 181
Part II: Modeling the Interaction Between Dependability and Security......Page 186
6.1 Introduction......Page 188
6.2 Basic Concepts and Related Work......Page 189
6.3 Proposed Taxonomy and Framework......Page 193
6.4 Dependability, Security, and their Attributes......Page 194
6.5 The Means to Attain Dependability and Security......Page 203
References......Page 207
7.1 Introduction......Page 210
7.2 Analytical Modeling Techniques......Page 212
7.3 Security Modeling......Page 218
7.4 Survivability Modeling......Page 229
References......Page 244
8.1 Introduction......Page 248
8.2 Stochastic Modeling......Page 252
8.3 Predicting Attacker Behavior......Page 260
8.4 Defining and Solving the Game......Page 264
8.5 Tuning the Game Parameters......Page 269
8.6 Case Study: DNS Service......Page 275
8.7 Conclusion......Page 279
References......Page 282
9.1 Introduction......Page 286
9.2 Algorithms for Generating Scenario Graphs......Page 287
9.3 Attack Graphs are Scenario Graphs......Page 290
9.4 Network Attack Graphs......Page 292
9.5 Example Network......Page 296
9.6 Attack Graph Analysis......Page 305
9.7 Practical Experience......Page 308
9.8 Related Work......Page 311
9.9 Future Work and Conclusion......Page 313
Acknowledgments......Page 314
References......Page 315
10.1 Introduction......Page 318
10.2 Review of Alert Correlation and Related Techniques......Page 321
10.3 Attack Graph......Page 323
10.4 Alert Correlation, Hypothesis, Prediction, and Aggregation......Page 326
10.6 Acknowledgments......Page 339
References......Page 340
Part III: Design and Architectural Issues for Secure and Dependable Systems......Page 344
11.1 Introduction......Page 346
11.2 Crosstalk Attack Features and Monitoring Techniques......Page 350
11.3 Node, Attack, and Monitor Models......Page 354
11.4 Necessary and Sufficient Conditions for Crosstalk Attack Detection......Page 359
11.5 One-Crosstalk Attack Diagnosable Conditions......Page 364
11.6 k-Crosstalk Attacks in the Network......Page 368
11.7 Sparse Monitoring and Routing Algorithms......Page 375
11.8 Sparse Monitoring, Test Connection, and Routing for More than One Original Attack Flow......Page 381
References......Page 384
12.1 Introduction......Page 388
12.2 Evaluation Goals......Page 391
12.3 Target System......Page 392
12.4 Error Model and Workload Selection......Page 394
12.5 Robustness Metrics......Page 400
12.6 Presentation and Interpretation of Results......Page 405
References......Page 409
Further Reading......Page 414
13.1 Introduction......Page 416
13.2 Static Decision-Making Systems......Page 420
13.3 Dynamic Decision-Making Systems......Page 426
13.4 Intrusion Tolerance Through Diverse Replicas......Page 436
13.5 Responses to Specific Kinds of Attacks......Page 442
13.6 Benchmarking Intrusion Response Systems......Page 446
13.7 Thoughts on Evolution of IRS Technology......Page 449
References......Page 451
14.1 Introduction......Page 456
14.2 Traffic Engineering Perspective and its Relation to Network Robustness......Page 458
14.3 Components of a Resilient Network Architecture......Page 462
14.4 Threats and Counter Measures in Link-State Routing......Page 463
14.5 Resilient Architecture: Virtualization and Routing......Page 474
References......Page 485
14.A.1 Using One-Way Function Chain to Build Key Chain......Page 488
14.A.2 Key Distribution......Page 490
14.A.3 Key Agreement Protocol......Page 493
14.A.4 Assessment......Page 495
15.1 Introduction......Page 498
15.2 Background......Page 499
15.3 Current Security Approaches in Wireless Networks......Page 502
15.4 Current Survivability Approaches in Wireless Networks......Page 504
15.5 Framework for Wireless Network Survivability and Security......Page 506
15.6 Interaction Between Survivability and Security in Wireless Networks......Page 509
15.7 Conclusion......Page 523
References......Page 524
16.1 Introduction......Page 528
16.2 Active Integrated Fault Identification Framework......Page 529
16.3 Fault and Security Management on High-Speed Networks......Page 545
References......Page 559
Index......Page 562