Using hierarchal change mining to manage network security policy evolution
Hot-ICE'11 Proceedings of the 11th USENIX conference on Hot topics in management of internet, cloud, and enterprise networks and services
The placement-configuration problem for intrusion detection nodes in wireless sensor networks
Computers and Electrical Engineering
Trustworthy placements: Improving quality and resilience in collaborative attack detection
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
We explore the idea of applying machine learning techniques to automatically infer risk-adaptive policies to reconfigure a network security architecture when the context in which it operates changes. To illustrate our approach, we consider the case of a MANET where nodes carrying sensitive services (e.g., web servers, key repositories, etc.) should consider relocating themselves into a different node to guarantee proper functioning. We use simulation to derive properties from a candidate policy, and then apply Genetic Programming and Multi-Objective Optimisation techniques to search for optimal candidates. The inferred policies take the form of risk-aware service relocation algorithms that autonomously dictate when and how to relocate services with the aim of keeping risk to a minimum. Since security policies often have implications in dimensions other than security, we force the learning process to consider also the consequences (performance, usability) of a given policy.