Security Management of Controlled Networks in a Resource-Constrained Environment

Doctoral Dissertation

Abstract

The growing complexity of enterprise networks and the proliferation of security devices create a resource availability crisis for security professionals seeking to concurrently manage security controls and analyze voluminous log records for evidence of suspicious activity. This dissertation proposes the use of data mining techniques and firewall management tools to facilitate the secure management of controlled networks and simultaneously reduce security management resource requirements.

The techniques presented in this dissertation each advance the state of the art in resource-constrained security management by focusing on the implementation of security controls in a controlled environment, such as a university data center. They offer practical approaches to security management. Earlier work in this space offers unwieldy techniques that are difficult to implement in a production environment, due to either the complexity of the technique or the overhead introduced by significant false positive rates. This work applies analysis techniques that leverage the uniquely stable nature of such environments and proposes an architecture for the extension of this control to mobile systems. It strives to maximize the benefit achieved by the tools while simultaneously minimizing the cost to the implementing organization.

Attributes

URN: etd-06262009-085307
Author: Michael Joseph Chapple
Advisor: Charles Crowell
Contributor: Charles Crowell, Committee Chair
Contributor: Marina Blanton, Committee Member
Contributor: Douglas Thain, Committee Member
Contributor: Aaron Striegel, Committee Member
Contributor: Nitesh Chawla, Committee Member
Degree Level: Doctoral Dissertation
Degree Discipline: Computer Science and Engineering
Degree Name: PhD
Defense Date: 2009-06-25
Submission Date: 2009-06-26
Country: United States of America
Subject: anomaly detection; data mining; information security; network management
Publisher: University of Notre Dame
Language: English
Record Visibility and Access: Public
Content License: All rights reserved
