ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Securing nomads: the case for quarantine, examination, and decontamination
Full text PdfPdf (693 KB)
Source New Security Paradigms Workshop archive
Proceedings of the 2003 workshop on New security paradigms table of contents
Ascona, Switzerland
SESSION: Ubiquitous computing/security table of contents
Pages: 123 - 128  
Year of Publication: 2003
ISBN:1-58113-880-6
Authors
Kevin Eustice  Corporation, El Segundo, CA
Leonard Kleinrock  University of California, Los Angeles, CA
Shane Markstrum  University of California, Los Angeles, CA
Gerald Popek  University of California, Los Angeles, CA
V. Ramakrishna  University of California, Los Angeles, CA
Peter Reiher  University of California, Los Angeles, CA
Sponsors
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
: Applied Computer Security Associates (ACSA)
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 4,   Downloads (12 Months): 17,   Citation Count: 3
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/986655.986673
What is a DOI?

ABSTRACT

The rapid growth and increasing pervasiveness of wireless networks raises serious security concerns. Client devices will migrate between numerous diverse wireless environments, bringing with them software vulnerabilities and possibly malicious code. Techniques are needed to protect wireless client devices and the next generation wireless infrastructure. We propose QED, a new security model for wireless networks that enables wireless environments to quarantine devices and then analyze and potentially update or "decontaminate" client nodes. The QED paradigm is presented here, as well as the design of a practical prototype.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
J. Balasubramaniyan, J. Garcia-Fernandez, E. Spafford, D. Zamboni. An Architecture for Intrusion Detection using Autonomous Agents., COAST Technical Report 98/05, 1998.
 
2
Extensible Authentication Protocol - RFC 2284 - http://www.ietf, org/internet-drafts/draft-ietf-eap-rfc2284bis-01.txt
3
Yih-Chun Hu , Adrian Perrig , David B. Johnson, Ariadne:: a secure on-demand routing protocol for ad hoc networks, Proceedings of the 8th annual international conference on Mobile computing and networking, September 23-28, 2002, Atlanta, Georgia, USA  [doi>10.1145/570645.570648]
 
4
Iptables : http://www.netfilter.org/
 
5
Peter G. Neumann , Phillip A. Porras, Experience with EMERALD to Date, Proceedings of the Workshop on Intrusion Detection and Network Monitoring, p.73-80, April 09-12, 1999
 
6
Nam Nguyen, Peter Reiher, Geoff Kuenning, Detecting Insider Threats by Monitoring System Call Activity. Submitted to 4th Annual IEEE Information Assurance, West Point, New York, Mar 2003.
 
7
Nmap Network Mapper. http://www.insecure.org/nmap/
 
8
The Open Group's Common Data SecurityArchitecture(CDSA). http://www.opengroup.org/security/12-cdsa.htm
 
9
Paul Roberts. Hackers find way to exploit latest Microsoft hole. IDG News Service, Sept. 16, 2003. http://www.infoworld.com/article/03/09/16/HNhackers_l.html
 
10
Steven R. Snapp et al. DIDS (Distributed Intrusion Detection System) -Motivation, Architecture, and An Early Prototype. Proc. 14th National Computer Security Conference. Washington, DC, Oct. 1991, pp. 167176.
 
11
S. Staniford-Chen, S. Cheung, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, C. Wee, R. Yip, D. Zerkle. GrIDS - A Graph Based Intrusion Detection System for Large Networks, in Proc. of the 19th National Information Systems Security Conference. Baltimore, MD, Oct. 1996, 361--370.
 
12
The Trusted Computing Platform Alliance http://www.trustedpc.org
 
13
W. Venema, W. and D. Farmer. Improving the Security of Your Site by Breaking Into It. 1993 Internet White paper. http://gd.tuwien.ac.at/infosys/security/wietse-archive/admin-guide-to-cracking. 101.Z

CITED BY  3
Surasak Sanguanpong , Urupoj Kanlayasiri, Worm damage minimization in enterprise networks, International Journal of Human-Computer Studies, v.65 n.1, p.3-16, January, 2007
Everett Anderson , Kevin Eustice , Shane Markstrum , Mark Hansen , Peter Reiher, Mobile Contagion: Simulation of Infection and Defense, Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation, p.80-87, June 01-03, 2005
Patrick Traynor , Michael Chien , Scott Weaver , Boniface Hicks , Patrick McDaniel, Noninvasive Methods for Host Certification, ACM Transactions on Information and System Security (TISSEC), v.11 n.3, p.1-23, March 2008

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General

Additional Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Access controls; Invasive software (e.g., viruses, worms, Trojan horses)


General Terms:
Design, Human Factors, Security


Keywords:
decontamination, examination, mobile computing, nomadic computing, pervasive computing, quarantine, security, ubiquitous computing, wireless, worm

Collaborative Colleagues:
Kevin Eustice: colleagues
Leonard Kleinrock: colleagues
Shane Markstrum: colleagues
Gerald Popek: colleagues
V. Ramakrishna: colleagues
Peter Reiher: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player