Towards Making SELinux Smart: Leveraging SELinux to Protect End Nodes in a Federated Environment
This paper describes an intelligent, active, real-time, risk adaptable access control (RAdAC) system designed to extend the benefits of the National Security Agency's Security-Enhanced Linux (NSA's SELinux) by using SELinux not only as a secure base, but also as a source of input features to a Support Vector Machine (SVM) that will classify events/attacks into several categories. By enhancing SELinux with intelligence, it is hoped that the design will lead to real-time, non-signature-based defensive systems capable of detecting and taking action against hostile users in the earliest stages of an attack.
L. Markowsky, "Towards Making SELinux Smart: Leveraging SELinux to Protect End Nodes in a Federated Environment," Proceedings of the 2012 International Conference on Artificial Intelligence, ICAI 2012 (2012, Las Vegas, NV), vol. 1, pp. 293-299, International Conference on Artificial Intelligence, Jul 2012.
2012 International Conference on Artificial Intelligence, ICAI 2012 (2012: Jul. 16-19, Las Vegas, NV)
Keywords and Phrases
Defensive systems; Input features; National security agencies; RAdAC; Security-enhanced Linux; SELinux; Access control; Artificial intelligence; Learning systems; Support vector machines; Computer operating systems; Machine learning; Risk adaptable access control
International Standard Book Number (ISBN)
Article - Conference proceedings
© 2012 International Conference on Artificial Intelligence, All rights reserved.