Good neighbors can make good fences: a peer-to-peer user security system

Friedman, Allan

doi:10.1109/mtas.2007.335569

Cited by 6 publications

(1 citation statement)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The findings will greatly enhance the security posture of the businesses and organizations where the system is implemented. This research is revolutionary in its simplicity because it attempts to use techniques similar to those used in infecting and exploiting system vulnerabilities [8], [17].…”

Section: Discussionmentioning

confidence: 99%

Maximizing an Organization's Information Security Posture by Distributedly Assessing and Remedying System Vulnerabilities

Nunez

2008

2008 IEEE International Conference on Networking, Sensing and Control

View full text Add to dashboard Cite

Updating systems for security vulnerabilities has become a cumbersome yet necessary evil in today's environment of zero-day exploits and ever-changing threat matrix. The current state of affairs for the vulnerability and threat management functions are in dire need of a solution that can rapidly assess systems for vulnerabilities and fix them expeditiously. This will guarantee the effective reconnaissance of critical vulnerabilities in a more concise and cohesive fashion throughout all industries affected by the inherent risk in systems and applications, This will also help defend against super-fast worms and other malicious mobile code that can blaze through an organization's network leaving a path of compromised systems and reduced availability. The top-down centralized model for vulnerability assessment and remediation has proven inefficient and riddled with multiple vulnerabilities itself; the irony is befuddling. In this paper, we propose a framework to enhance an organization's information security posture by distributedly assessing and remedying system vulnerabilities. By creating and utilizing the proposed framework, we can ensure more vigilance, a progressive and reactive implementation of a patch-management and worm defense strategy, and increased efficiency in the distribution of updates. Malicious mobile code, specifically worms, are very efficient in their distribution, this is because they are able to infect other systems in a peer-to-peer distributed fashion. By utilizing a similar approach to vulnerability assessment and patch management we can ensure a higher coverage and redundancy for all systems within and organization. The framework proposed in this paper is timely since most peer-topeer distribution models focus more on content delivery and resource re-allocation.

show abstract

Section: Discussionmentioning

confidence: 99%