Your search keyword '"Yurcik, W."' showing total 94 results

1. Searching for open windows and unlocked doors: Port scanning in large-scale commodity clusters

Author

Lee, AJ, Koenig, GA, Meng, X, Yurcik, W, Lee, AJ, Koenig, GA, Meng, X, and Yurcik, W

Abstract

Current methods for monitoring the security of large-scale commodity clusters tend to treat these clusters as nothing more than collections of independent nodes. As such, the techniques used to secure these clusters have, for the most part, been adaptations of techniques developed for securing and monitoring enterprise computing environments. We have previously proposed the idea of monitoring the security-state of large-scale commodity clusters by examining their emergent properties, that is, properties that are only visible when one ceases to look at a cluster as a collection of disparate nodes and begins to look at the properties of the cluster as a whole. We show that by correlating the open network ports observed on cluster nodes with other emergent properties - such as active processes and the contents of important system files-security analysts can make insightful observations that can greatly restrict the actions that an attacker can carry out undetected. © 2005 IEEE.

Published

2005

2. Cluster security with NVisionCC: Process monitoring by leveraging emergent properties

Author

Koenig, GA, Xin, M, Lee, AJ, Treaster, M, Kiyanclar, N, Yurcik, W, Koenig, GA, Xin, M, Lee, AJ, Treaster, M, Kiyanclar, N, and Yurcik, W

Abstract

We have observed that supercomputing clusters made up of commodity off-the-shelf computers possess emergent properties that are apparent when these systems are considered as an indivisible entity rather than as a collection of independent nodes. By exploiting predicatable characteristics inherent to supercomputing clusters coupled with these emergent properties, we propose several mechanisms by which cluster security may be enhanced. In this paper, we describe NVisionCC, a cluster security tool that monitors processes across cluster nodes and raises alerts when deviations from a predefined profile of expected processes are noted. Additionally, we demonstrate that the monitoring infrastructure used by NVisionCC incurs a negligible performance penalty on the computational and network resources of the cluster. © 2005 IEEE.

Published

2005

3. Toward a threat model for storage systems

Author

Hasan, R, Myagmar, S, Lee, AJ, Yurcik, W, Hasan, R, Myagmar, S, Lee, AJ, and Yurcik, W

Abstract

The growing number of storage security breaches as well as the need to adhere to government regulations is driving the need for greater storage protection. However, there is the lack of a comprehensive process to designing storage protection solutions. Designing protection for storage systems is best done by utilizing proactive system engineering rather than reacting with ad hoc countermeasures to the latest attack du jour. The purpose of threat modeling is to organize system threats and vulnerabilities into general classes to be addressed with known storage protection techniques. Although there has been prior work on threat modeling primarily for software applications, to our knowledge this is the first attempt at domain-specific threat modeling for storage systems. We discuss protection challenges unique to storage systems and propose two different processes to creating a threat model for storage systems: one based on classical security principles (Confidentiality, Integrity, Availability, Authentication, or CIAA) and another based on the Data Lifecycle Model. It is our hope that this initial work will start a discussion on how to better design and implement storage protection solutions against storage threats. Copyright 2005 ACM.

Published

2005

4. NVisionIP: NetFlow visualizations of system state for security situational awareness

Author

Lakkaraju, K, Yurcik, W, Lee, AJ, Lakkaraju, K, Yurcik, W, and Lee, AJ

Abstract

The number of attacks against large computer systems is currently growing at a rapid pace. Despite the best efforts of security analysts, large organizations are having trouble keeping on top of the current state of their networks. In this paper, we describe a tool called NVisionIP that is designed to increase the security analyst's situational awareness. As humans are inherently visual beings, NVisionIP uses a graphical representation of a class-B network to allow analysts to quickly visualize the current state of their network. We present an overview of NVisionIP along with a discussion of various types of security-related scenarios that it can be used to detect. Copyright 2004 ACM.

Published

2004

5. Maestro-VC: a paravirtualized execution environment for secure on-demand cluster computing

Author

Kiyanclar, N., primary, Koenig, G.A., additional, and Yurcik, W., additional

Published

2006

6. Multiring techniques for scalable battlespace group communications

Author

Wang, J., primary, Yurcik, W., additional, Yang, Y., additional, and Hester, J., additional

Published

2005

7. A survey of peer-to-peer storage techniques for distributed file systems

Author

Hasan, R., primary, Anwar, Z., additional, Yurcik, W., additional, Brumbaugh, L., additional, and Campbell, R., additional

Published

2005

8. A first step towards call survivability in cellular networks

Author

Anwar, Z., primary, Yurcik, W., additional, Baset, S., additional, Schulzrinne, H., additional, and Campbell, R.H., additional

Published

2005

9. Plethora: a framework for converting generic applications to run in a ubiquitous environment

Author

Anwar, Z., primary, Al-Muhtadi, J., additional, Yurcik, W., additional, and Campbell, R.H., additional

Published

2005

10. Clusters and security: distributed security for distributed systems

Author

Pourzandi, M., primary, Gordon, D., additional, Yurcik, W., additional, and Koenig, G.A., additional

Published

2005

11. Measuring anonymization privacy/analysis tradeoffs inherent to sharing network data.

Author

Yurcik, W., Woolam, C., Hellings, G., Khan, L., and Thuraisingham, B.

Published

2008

12. Stochastic Process Models for Packet/Analytic-Based Network Simulations.

Author

Cole, R.G., Riley, G., Cansever, D., and Yurcik, W.

Published

2008

13. Privacy/Analysis Tradeoffs in Sharing Anonymized Packet Traces: Single-Field Case.

Author

Yurcik, W., Woolam, C., Hellings, G., Khan, L., and Thuraisingham, B.

Published

2008

14. Outsourcing Security Analysis with Anonymized Logs.

Author

Jianqing Zhang, Borisov, N., and Yurcik, W.

Published

2006

15. NVision-PA: A Process Accounting Analysis Tool with a Security Focus on Masquerade Detection in HPC Clusters.

Author

Ermopoulos, C. and Yurcik, W.

Published

2006

16. Software technology issues for a US National Missile Defense System

Author

Yurcik, W., primary and Doss, D., additional

Published

2002

17. Closing-the-loop in NVisionIP: integrating discovery and search in security visualizations.

Author

Kiran Lakkaraju, Ratna Bearavolu, Slagell, A., Yurcik, W., and North, S.

Published

2005

18. Sharing computer network logs for security and privacy: a motivation for new methodologies of anonymization.

Author

Slagell, A. and Yurcik, W.

Published

2005

19. FABS: file and block surveillance system for determining anomalous disk accesses.

Author

Stanton, P.T., Yurcik, W., and Brumbaugh, L.

Published

2005

20. Closing-the-loop: discovery and search in security visualizations.

Author

Kiran Lakkaraju, Ratna Bearavolu, Slagell, A., and Yurcik, W.

Published

2005

21. The design of VisFlowConnect-IP: a link analysis system for IP security situational awareness.

Author

Xiaoxin Yin, Yurcik, W., and Slagell, A.

Published

2005

22. Adding confidentiality to application-level multicast by leveraging the multicast overlay.

Author

Abad, C., Gupta, I., and Yurcik, W.

Published

2005

23. Trade-offs in protecting storage: a meta-data comparison of cryptographic, backup/versioning, immutable/tamper-proof, and redundant storage solutions.

Author

Tucek, J., Stanton, P., Haubert, E., Hasan, R., Brumbaugh, L., and Yurcik, W.

Published

2005

24. VisFlowConnect: providing security situational awareness by visualizing network traffic flows.

Author

Xiaoxin Yin, Yurcik, W., Yifan Li, Lakkaraju, K., and Abad, C.

Published

2004

25. VRing: a case for building application-layer multicast rings (rather than trees).

Author

Sobeih, A., Yurcik, W., and Hou, J.C.

Published

2004

26. Log correlation for intrusion detection: a proof of concept.

Author

Abad, C., Taylor, J., Sengul, C., Yurcik, W., Zhou, Y., and Rowe, K.

Published

2003

27. Achieving fault-tolerant software with rejuvenation and reconfiguration

Author

Yurcik, W., primary and Doss, D., additional

Published

2001

28. A planning framework far implementing virtual private networks

Author

Yurcik, W., primary and Doss, D., additional

Published

2001

29. PingTV: a case study in visual network monitoring

Author

Gubin, A., primary, Yurcik, W., additional, and Brumbaugh, L., additional

Published

2001

30. Internet honeypots: protection or entrapment?

Author

Scottberg, B., Yurcik, W., and Doss, D.

Published

2002

31. Internet hack back: counter attacks as self-defense or vigilantism?

Author

Jayaswal, V., Yurcik, W., and Doss, D.

Published

2002

32. Ethical hacking: the security justification redux.

Author

Smith, B., Yurcik, W., and Doss, D.

Published

2002

33. A layered framework strategy for deploying high assurance VPNs.

Author

Patton, S., Smith, B., Doss, D., and Yurcik, W.

Published

2000

34. A survivability framework for connection-oriented group communications.

Author

Yurcik, W. and Tipper, D.

Published

2000

35. Providing ATM multipoint survivability via disjoint VC mesh backup groups.

Author

Yurcik, W.

Published

1998

36. Distributed weakness in virtual private networks

Author

Patton, S., primary, Doss, D., additional, and Yurcik, W., additional

37. Sharing computer network logs for security and privacy: a motivation for new methodologies of anonymization

Author

Slagell, A., primary and Yurcik, W., additional

38. NVisionIP: an interactive network flow visualization tool for security

Author

Lakkaraju, K., primary, Yurcik, W., additional, Bearavolu, R., additional, and Lee, A.J., additional

39. Open source versus commercial firewalls: functional comparison

Author

Patton, S., primary, Doss, D., additional, and Yurcik, W., additional

40. Network management visualization with PingTV

Author

Gubin, A., primary, Yurcik, W., additional, and Brumbaugh, L., additional

41. Application-level survivable software: rFTP proof-of-concept

Author

Grzywa, M., primary, Dharmik, A., additional, Yurcik, W., additional, and Brumbaugh, L., additional

42. A Survey of PKI Components and Scalability Issues

Author

Slagell, A., primary, Bonilla, R., additional, and Yurcik, W., additional

43. Internet hack back: counter attacks as self-defense or vigilantism?

Author

Jayaswal, V., primary, Yurcik, W., additional, and Doss, D., additional

44. Controlling intrusion detection systems by generating false positives: squealing proof-of-concept

Author

Yurcik, W., primary

45. Ethical hacking: the security justification redux

Author

Smith, B., primary, Yurcik, W., additional, and Doss, D., additional

46. BEASTS: an enterprise management tool for providing information survivability in dynamic heterogeneous networked environments

Author

Pluta, G., primary, Brumbaugh, L., additional, and Yurcik, W., additional

47. Adding Confidentiality to Application-Level Multicast by Leveraging the Multicast Overlay

Author

Abad, C., primary, Gupta, I., additional, and Yurcik, W., additional

48. Multiple Design Patterns for Voice over IP (VoIP) Security

Author

Anwar, Z., primary, Yurcik, W., additional, Johnson, R.E., additional, Hafiz, M., additional, and Campbell, R.H., additional

49. Providing ATM multipoint survivability via disjoint VC mesh backup groups

Author

Yurcik, W., primary

50. FABS: file and block surveillance system for determining anomalous disk accesses

Author

Stanton, P.T., primary, Yurcik, W., additional, and Brumbaugh, L., additional