Automatic security assessment for next generation wireless mobile networks

Mobile Information Systems

Volumn 7, Issue 3, 2011, Pages 217-239

  Palmieri, Francesco ^a   Fiore, Ugo ^b   Castiglione, Aniello ^c  

^a SECOND UNIVERSITY OF NAPLES   (Italy)

^b UNIVERSITY OF NAPLES FEDERICO II   (Italy)

^c UNIVERSITY OF SALERNO   (Italy)

Author keywords

active networks; analytic hierarchy process; Dynamic access control; multiple criteria decision analysis; nomadic computing; security assessment; security audit; ubiquitous networking

Indexed keywords

ACTIVE NETWORKS; AUTHENTICATION; DECISION THEORY; HIERARCHICAL SYSTEMS; KNOWLEDGE BASED SYSTEMS; RATING; SECURITY SYSTEMS; TELECOMMUNICATION EQUIPMENT; WI-FI;

ANALYTIC HIERARCHY; DYNAMIC ACCESS CONTROL; MULTIPLE CRITERIA DECISION ANALYSIS; NOMADIC COMPUTING; SECURITY ASSESSMENT; SECURITY AUDIT; UBIQUITOUS NETWORKING;

WIRELESS NETWORKS;

EID: 80052642192     PISSN: 1574017X     EISSN: None     Source Type: Journal    
DOI: 10.3233/MIS-2011-0119     Document Type: Article

References (36)

1. M.S. Ahmed, E.Al-Shaer and L.Khan, A Novel Quantitative Approach ForMeasuring Network Security, In INFOCOM, pages 1957-1965. IEEE, 2008.
2. U. Aickelin, P.J. Bentley, S. Cayzer, J. Kim and J. McLeod, Danger Theory: The Link between AIS and IDS? in: ICARIS, J. Timmis, P.J. Bentley and E. Hart, eds, volume 2787 of Lecture Notes in Computer Science, pages 147-155. Springer, 2003.
3. D.R. Anderson, D.J. Sweeney and T.A. Williams, Quantitative methods for business, South-Western Pub, Cincinnati, Ohio, 2000.
4. M.A. Bishop, The Art and Science of Computer Security, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, USA, 2002.
5. T. Brown, OpenVAS-The Open Vulnerability Assessment System (OpenVAS). http://www.openvas.org/.
6. T.M. Corporation, CVE-Common Vulnerabilities and Exposures. http://cve.mitre.org.
7. M. de Vivo, E. Carrasco, G. Isern and G.O. de Vivo, A review of port scanning techniques, Computer Communication Review 29(2) (1999), 41-48. (Pubitemid 129669578)
8. N. Dimmock, A. Belokosztolszki, D.M. Eyers, J. Bacon and K. Moody, Using trust and risk in role-based access control policies, In Trent Jaeger and Elena Ferrari, editors, SACMAT, pages 156-162. ACM, 2004.
9. P. F̈ul̈op, S. Imre, S. Szab́o and T. Sźalka, Accurate mobility modeling and location prediction based on pattern analysis of handover series in mobile networks, Mobile Information Systems 5(3) (2009), 255-289.
10. A. Gaddah and T. Kunz, Extending mobility to publish/subscribe systems using a pro-active caching approach, Mobile Information Systems 6(4) (2010), 293-324.
11. C. Godsil and G.F. Royle, Algebraic Graph Theory, http://www.amazon.com/ exec/obidos/redirect?path=ASIN/0387952209, April 2001.
12. A. Hess and N. Karowski, Automated protection of end-systems against known attacks. In Proceedings of IEEE/IST Workshop on Monitoring, Attack Detection and Mitigation,(Tuebingen, Germany), 2006.
13. R.A. Horn and C.R. Johnson, Matrix analysis, Cambridge University Press, 1990.
14. J. Kim, P.J. Bentley, U. Aickelin, J. Greensmith, G. Tedesco and J. Twycross, Immune system approaches to intrusion detection-a review, Natural Computing 6(4) (2007), 413-466. (Pubitemid 47629391)
15. K. Knorr, Dynamic Access Control through Petri Net Workflows, In ACSAC, pages 159-167. IEEE Computer Society, 2000.
16. D. Levin, Lessons learned in using live red teams in ia experiments, In DISCEX (1), pages 110-119. IEEE Computer Society, 2003.
17. D. Liu, L.J. Camp, X. Wang and L. Wang, Using Budget-Based Access Control to Manage Operational Risks Caused by Insiders, Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications 1(1) (2010), 29-45.
18. G.F. Lyon, NMAP-Free Security Scanner For Network Exploration and Hacking. http://nmap.org.
19. P.C. Mahalanobis, On the generalised distance in statistics, In Proceedings National Institute of Science, India, volume 2, pages 49-55, April 1936.
20. P. Mell, K. Scarfone and S. Romanosky, A Complete Guide to the Common Vulnerability Scoring System Version 2.0, http://www.first.org/cvss/cvss-guide. html.
21. M.E. Mohamed, B.B. Samir and A. Abdullah, Immune Multiagent System for Network Intrusion Detection using Non-linear Classification Algorithm, International Journal of Computer Applications 12(7) (2010), 7-12.
22. H.D. Moore, Metasploit-free, open source penetration testing solution, http://www.metasploit.com/.
23. F. Palmieri and U. Fiore, Audit-Based Access Control in Nomadic Wireless Environments, in: ICCSA (3), volume 3982 of Lecture Notes in Computer Science,M.L. Gavrilova, O. Gervasi, V. Kumar, C.J.K. Tan, D. Taniar, A. Lagaǹa, Y. Mun and H. Choo, eds, Springer, 2006, pp. 537-545. (Pubitemid 44045229)
24. F. Palmieri and U. Fiore, Automated detection and containment of worms and viruses into heterogeneous networks: a simple network immune system, Int J Wire Mob Comput 2 (May 2007), 47-58.
25. F. Palmieri and U. Fiore, Network anomaly detection through nonlinear analysis, Computers & Security 29(7) (2010), 737-755.
26. S.C. Payne, A Guide to Security Metrics, Technical report, SANS Security Essentials GSEC Practical Assignment Version 1.2e, June 2006.
27. V. Pham, E. Larsen, Ø. Kure and P. Engelstad, Routing of internal MANET traffic over external networks, Mobile Information Systems 5(3) (2009), 291-311.
28. M. Roesch, SNORT-A free lightweight network intrusion detection system for UNIX and Windows. http://www. snort.org.
29. T.L. Saaty, Decision Making for Leaders: The Analytic Hierarchy Process for Decisions in a Complex World, RWS Publications, Pittsburgh, Pennsylvania, 1999.
30. T.L. Saaty, Decision making-The Analytic Hierarchy and Network Processes (AHP/ANP), Journal of Systems Science and Systems Engineering 13 (2004), 1-35. 10.1007/s11518-006-0151-5. (Pubitemid 38615199)
31. E. Shakshuki, X. Xing and T.R. Sheltami, Fault reconnaissance agent for sensor networks, Mobile Information Systems 6(3) (2010), 229-247.
32. Y.Q. Shi, T. Li,W. Chen and Y.M. Fu, Network Security Situation Prediction Using Artificial Immune System and Phase Space Reconstruction, Applied Mechanics and Materials 44-47 (2011), 3662-3666.
33. J. Sun, Y.Wang, H. Si, J. Yuan and X. Shan, Aggregate HumanMobilityModeling Using Principal Component Analysis, Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications 1(2/3) (2010), 83-95.
34. M. Swanson, N. Bartol, J. Sabato, J. Hash and L. Graffo, Security Metrics Guide for Information Technology Systems, Technical report, National Institute of Standards and Technology (NIST) Special Publication 800-55, 2007.
35. L. Teo, G.-J. Ahn and Y. Zheng, Dynamic and risk-aware network access management. In SACMAT, pages 217-230. ACM, 2003.
36. R.K. Thomas and R.S. Sandhu, Towards a task-based paradigm for flexible and adaptable access control in distributed applications, In Proceedings on the 1992-1993 workshop on New security paradigms, NSPW '92-93, pages 138-142, New York, NY, USA, 1993. ACM.