{"title":"Balancing safety against performance: tradeoffs in Internet security","authors":"Vu A. Ha, D. Musliner","doi":"10.1109/HICSS.2003.1174465","DOIUrl":null,"url":null,"abstract":"All Internet-accessible computing systems are currently faced with incessant threats ranging from simple script-kiddies to highly sophisticated criminal enterprises. In response to these threats, sites must perform extensive intrusion monitoring. This intrusion monitoring can have significant costs in terms of bandwidth, computing power, storage space, and licensing fees. Furthermore, when exploits are detected, the victims must take actions that can consume further resources and compromise their objectives (e.g., by reducing e-commerce server throughput). In this paper, we explore techniques for modeling the costs and benefits of various security monitoring and response actions. Given these models and stochastic expectations about the types of attacks that a site is likely to face, our CIRCADIA (cooperative intelligent real-time control architecture for dynamic information assurance) automatic security control system is able to make real-time tradeoffs between the level of safety and security that is enforced, and the level of system resources/performance that are applied to the main computational objectives (e.g., e-commerce transactions). We show how CIRCADIA is able to dynamically adjust its security activities to account for changing threat profiles and objectives. The result: a continually-optimized balance of security-maintaining activity that reduces risk while still allowing the system to meet its goals.","PeriodicalId":159242,"journal":{"name":"36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the","volume":"28 10","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-02-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HICSS.2003.1174465","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
All Internet-accessible computing systems are currently faced with incessant threats ranging from simple script-kiddies to highly sophisticated criminal enterprises. In response to these threats, sites must perform extensive intrusion monitoring. This intrusion monitoring can have significant costs in terms of bandwidth, computing power, storage space, and licensing fees. Furthermore, when exploits are detected, the victims must take actions that can consume further resources and compromise their objectives (e.g., by reducing e-commerce server throughput). In this paper, we explore techniques for modeling the costs and benefits of various security monitoring and response actions. Given these models and stochastic expectations about the types of attacks that a site is likely to face, our CIRCADIA (cooperative intelligent real-time control architecture for dynamic information assurance) automatic security control system is able to make real-time tradeoffs between the level of safety and security that is enforced, and the level of system resources/performance that are applied to the main computational objectives (e.g., e-commerce transactions). We show how CIRCADIA is able to dynamically adjust its security activities to account for changing threat profiles and objectives. The result: a continually-optimized balance of security-maintaining activity that reduces risk while still allowing the system to meet its goals.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
