CSR-DMSS, SM: ConfVeal: Automated Testing of Security Configuration Enforcement in Distributed Networks

CSR-DMSS、SM:ConfVeal:分布式网络中安全配置实施的自动化测试

基本信息

  • 批准号:
    1019223
  • 负责人:
  • 金额:
    $ 21.29万
  • 依托单位:
  • 依托单位国家:
    美国
  • 项目类别:
    Standard Grant
  • 财政年份:
    2010
  • 资助国家:
    美国
  • 起止时间:
    2010-01-01 至 2013-08-31
  • 项目状态:
    已结题

项目摘要

ConfVeal: Automated Testing of Security Conguration Enforcement in Access Control Devices As network security devices constantly updated in their implementation to accommodate new features, or new hardware optimization, the enforcement of the security conguration becomes questionable. In this project, we propose a fully automated pseudo-live testing system (called ConVeal) of security conguration enforcement of access control devices. Our system, ConfVeal, has two novel components: (1) Segmentation-based Test Trac Generator: it uses a novel technique that translates policy congurations into coarse and ne-grain segments in trac space and then generates packets intelligently according to the segment criticality in order to achieve high test space coverage, and (2) Comprehensive Policy Generator: it generates comprehensive policy proles considering various policy structures, eld values, rule complexity and interactions based on customized proles or learned features of existing policy conguration. This research will investigate fundamental issues related to security devices quality assurance. This is important for vendors, government and general consumers. We believe that our proposed research agenda will promote deployment new ecient techniques for access control conguration testing by vendors. New concepts and tools for testing security systems which will stimulate modeling and theorizing pseudo-live conguration testing in research and education. The project will integrate research and education through a close interaction between faculty and both graduate students.
由于网络安全设备的实现不断更新,以适应新的特性或新的硬件优化,因此安全配置的实施变得值得怀疑。在这个项目中,我们提出了一个访问控制设备安全配置强制执行的全自动伪实时测试系统(称为conval)。我们的系统ConfVeal有两个新颖的组成部分:(1)基于分段的测试轨迹生成器:它使用一种新颖的技术,将策略配置转换为轨迹空间中的粗粒和新粒段,然后根据段的临界性智能生成数据包,以实现高测试空间覆盖率;(2)综合策略生成器:它基于自定义的proles或现有策略配置的学习特征,生成综合的策略proles,考虑各种策略结构、字段值、规则复杂性和交互。本研究将探讨与安全装置品质保证相关的基本问题。这对供应商、政府和普通消费者都很重要。我们相信,我们提出的研究议程将促进厂商部署新的访问控制配置测试高效技术。用于测试安全系统的新概念和工具,将在研究和教育中促进模拟和理论化伪实时配置测试。该项目将通过教师和研究生之间的密切互动,将研究和教育结合起来。

项目成果

期刊论文数量(0)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ monograph.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ sciAawards.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ conferencePapers.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ patent.updateTime }}

Ehab Al-Shaer其他文献

ROI-Driven Cyber Risk Mitigation Using Host Compliance and Network Configuration
  • DOI:
    10.1007/s10922-017-9428-x
  • 发表时间:
    2017-10-09
  • 期刊:
  • 影响因子:
    3.900
  • 作者:
    Mohammed Noraden Alsaleh;Ehab Al-Shaer;Ghaith Husari
  • 通讯作者:
    Ghaith Husari
Automated Security Configuration Management
Objective Risk Evaluation for Automated Security Management
  • DOI:
    10.1007/s10922-010-9177-6
  • 发表时间:
    2010-10-30
  • 期刊:
  • 影响因子:
    3.900
  • 作者:
    Mohammad Salim Ahmed;Ehab Al-Shaer;Mohamed Taibah;Latifur Khan
  • 通讯作者:
    Latifur Khan

Ehab Al-Shaer的其他文献

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

{{ truncateString('Ehab Al-Shaer', 18)}}的其他基金

CSR: Small: Collaborative Research: Multi-party Collaborative Data Access
CSR:小:协作研究:多方协作数据访问
  • 批准号:
    1527390
  • 财政年份:
    2015
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Standard Grant
CyberSEES: Enabling Sustainable Civil Infrastructure Using Interactive Formal Analytics for Structural Health Diagnosis
Cyber​​SEES:使用交互式形式分析进行结构健康诊断,实现可持续的民用基础设施
  • 批准号:
    1331825
  • 财政年份:
    2013
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Standard Grant
EAGER: Toward Automated Integration of Moving Target Defense Techniques
EAGER:迈向移动目标防御技术的自动化集成
  • 批准号:
    1352238
  • 财政年份:
    2013
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Standard Grant
NeTS: Small: Collaborative Research: Enabling Network Agility Through Virtualized Infrastructure Migration
NetS:小型:协作研究:通过虚拟化基础设施迁移实现网络敏捷性
  • 批准号:
    1320662
  • 财政年份:
    2013
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Standard Grant
I/UCRC: Collaborative Research: I/UCRC Center for Configuration Analytics and Automation
I/UCRC:合作研究:I/UCRC 配置分析和自动化中心
  • 批准号:
    1266360
  • 财政年份:
    2013
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Continuing Grant
Planning Grant: I/UCRC for Configuration Analytics and Automation
规划资助:I/UCRC 用于配置分析和自动化
  • 批准号:
    1161015
  • 财政年份:
    2012
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Standard Grant
SafeConfig Symposium Student Travel Award
SafeConfig 研讨会学生旅行奖
  • 批准号:
    1153691
  • 财政年份:
    2011
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Standard Grant
TC: EAGER: Investigations of Next-generation Network Reconnaissance Attack Techniques and Limitations
TC:EAGER:下一代网络侦察攻击技术和局限性的调查
  • 批准号:
    1023868
  • 财政年份:
    2010
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Standard Grant
CSR: Small: Collaborative Research: Towards Collaborative Overlay Problem Diagnosis Using Evidential Reasoning and Adaptive Monitoring
CSR:小型:协作研究:使用证据推理和自适应监控进行协作叠加问题诊断
  • 批准号:
    1017237
  • 财政年份:
    2010
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Standard Grant
Global Verification and Dynamic Optimization of Network Security Polices
网络安全策略全局验证与动态优化
  • 批准号:
    1019222
  • 财政年份:
    2010
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Continuing Grant

相似海外基金

CSR-DMSS,SM: Cooperative Activity Analysis in Wireless Smart-Camera Networks (Wi-SCaNs)
CSR-DMSS,SM:无线智能相机网络 (Wi-SCaN) 中的协作活动分析
  • 批准号:
    1205458
  • 财政年份:
    2011
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Standard Grant
CSR-DMSS, SM, Harmony: Efficient Integrated Resource/Trust Management in Large-Scale Distributed Systems
CSR-DMSS、SM、Harmony:大规模分布式系统中的高效集成资源/信任管理
  • 批准号:
    1025649
  • 财政年份:
    2009
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Standard Grant
CSR-DMSS-SM: Skeptical Systems
CSR-DMSS-SM:怀疑系统
  • 批准号:
    0834392
  • 财政年份:
    2008
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Continuing Grant
CSR-DMSS, SM: Energy-Efficient and Reliability-Aware Data Management in Mobile Storage Systems
CSR-DMSS、SM:移动存储系统中的节能和可靠性感知数据管理
  • 批准号:
    0834466
  • 财政年份:
    2008
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Continuing Grant
CSR-DMSS, SM: View Control Management in Geographically Distributed Tele-Immersive Environments
CSR-DMSS、SM:地理分布式远程沉浸式环境中的视图控制管理
  • 批准号:
    0834480
  • 财政年份:
    2008
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Continuing Grant
CSR-DMSS, SM, Harmony: Efficient Integrated Resource/Trust Management in Large-Scale Distributed Systems
CSR-DMSS、SM、Harmony:大规模分布式系统中的高效集成资源/信任管理
  • 批准号:
    0834592
  • 财政年份:
    2008
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Standard Grant
CSR-DMSS, SM: Aeolus: Secure Support for Preserving Confidentiality and Integrity in a Distributed Environment
CSR-DMSS、SM:Aeolus:在分布式环境中保护机密性和完整性的安全支持
  • 批准号:
    0834239
  • 财政年份:
    2008
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Continuing Grant
CSR-DMSS, SM: A Holistic Approach to Reliable Pervasive Systems
CSR-DMSS、SM:实现可靠普及系统的整体方法
  • 批准号:
    0834529
  • 财政年份:
    2008
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Continuing Grant
CSR-DMSS, SM: Web on Demand - Bridging the Gap Between Social Networks and Ad Hoc Networking
CSR-DMSS、SM:Web on Demand - 弥合社交网络和 Ad Hoc 网络之间的差距
  • 批准号:
    0834545
  • 财政年份:
    2008
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Continuing Grant
CSR-DMSS, SM: Incremental Web-scale Data Processing
CSR-DMSS、SM:增量网络规模数据处理
  • 批准号:
    0834784
  • 财政年份:
    2008
  • 资助金额:
    $ 21.29万
  • 项目类别:
    Standard Grant
{{ showInfoDetail.title }}

作者:{{ showInfoDetail.author }}

知道了