ABSTRACT
Evaluating and enforcing policies in large-scale networks is one of the most challenging and significant problems facing the network security community today. Current solutions are limited by an out-of-date allow/deny paradigm, and policies are evaluated synchronously and independently at each service. This makes it difficult to detect or defend against multi-stage attacks, or attacks which begin as innocent requests and then later exhibit malicious behavior in the same context. In this paper we describe Arachne, a prototype for asynchronous policy evaluation. We evaluate the system by testing it against pre-recorded traffic containing known and unknown attacks and show that it is capable of processing events at more than 10x the required rate for a deployed, heavily-used network.