Computer security has traditionally focused on system de- fense, concentrating on protection and recovery of victim machines. Moving from the opposite perspective, we pro- pose a complementary approach that focuses on limiting the attacking capabilities of the hosts. Software design and implementation weaknesses usually are at the basis of com- puter offensive capacities. Since software redesign or patch- ing on an extensive basis is not possible, we propose the adoption of a filtering strategy to block abuse attempts at the originating machines. As an example, applications of such an approach axe presented at host level, in order to prevent root compromise attacks, and at network level, in order to prevent DoS attacks, among others. The proposed solution is not a silver bullet and could be bypassed by sophisticated users. However, we believe it can effectively restrain the offensive capabilities of hosts that could be easily seized by crackers. We discuss the pros and cons of the proposed solution and present an application to host and network security.

Disarming offense to facilitate defense / D. Bruschi, E. Rosti - In: New Security Paradigms Workshop : proceedings, September 18th-22nd, 2000, Ballycotton, County Cork, IrelandNew York : ACM, 2000 Sep. - ISBN 1581132603. - pp. 69-75 (( convegno New security paradigms workshop tenutosi a Ballycotton nel 2999 [10.1145/366173.366192].

Disarming offense to facilitate defense

D. Bruschi
Primo
;
E. Rosti
Ultimo
2000

Abstract

Computer security has traditionally focused on system de- fense, concentrating on protection and recovery of victim machines. Moving from the opposite perspective, we pro- pose a complementary approach that focuses on limiting the attacking capabilities of the hosts. Software design and implementation weaknesses usually are at the basis of com- puter offensive capacities. Since software redesign or patch- ing on an extensive basis is not possible, we propose the adoption of a filtering strategy to block abuse attempts at the originating machines. As an example, applications of such an approach axe presented at host level, in order to prevent root compromise attacks, and at network level, in order to prevent DoS attacks, among others. The proposed solution is not a silver bullet and could be bypassed by sophisticated users. However, we believe it can effectively restrain the offensive capabilities of hosts that could be easily seized by crackers. We discuss the pros and cons of the proposed solution and present an application to host and network security.
Attack; Computer and network security; Defense; Disarm; Monitor; Offense
Settore INF/01 - Informatica
Association for Computing Machinery Special Interest Group on Security, Audit, and Control
Book Part (author)
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Pubblicazioni consigliate

Caricamento pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/258841
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 9
  • ???jsp.display-item.citation.isi??? ND
social impact