Towards Making SELinux Smart: The SELinux Sentry, Smart Sentry, and the Octave Fuzzy Logic Toolkit
Date of Award: 5-2014
Level of Access Assigned by Author: Campus-Only Dissertation
Degree Name: Doctor of Philosophy (PhD)
Department: Computer Science
Advisor: James L. Fastook
Second Committee Member: David J. Batuski
Third Committee Member: Phillip M. Dickens
Abstract
Many zero-day and polymorphic cyberattacks effectively evade signature-based defenses. This thesis builds toward a defensive system designed to prevent many such attacks in real time on nearly any host running Linux. The SELinuxSentry and SmartSentry, two proof-of-concept prototypes, were designed and partially implemented. The two prototypes provide platforms at two levels of a layered security strategy on which to test the effectiveness of leveraging existing system messages to create smart, lightweight, non-signature-based defenses. A preliminary version of the SmartSentry was shown to resist hostile enumeration. The Octave Fuzzy Logic Toolkit was developed as the basis for implementing the smart modules of the SELinuxSentry and SmartSentry. Both of these systems use fuzzy-logic-based algorithms to cluster unlabeled data and automatically generate a fuzzy inference system. The fuzzy-logic-based design was chosen over competing algorithms, such as support vector machines, in order to make the behavior of the intelligent modules as transparent as possible to human security administrators. The Octave Fuzzy Logic Toolkit is available as a free, open-source package on both Octave-Forge and SourceForge and is shared under the GNU General Public License (GPLv3+).
Recommended Citation
Markowsky, Linda, "Towards Making SELinux Smart: The SELinux Sentry, Smart Sentry, and the Octave Fuzzy Logic Toolkit" (2014). Electronic Theses and Dissertations. 2394.
https://digitalcommons.library.umaine.edu/etd/2394