Fatema Bannat Wala¹,² and Chase Cotton¹
¹Department of Electrical & Computer Engineering, University of Delaware, Newark
²University of Delaware, Newark, USA
ABSTRACT
Modern information security management best practices dictate that an enterprise assume full
configuration control of end user computer systems (laptops, deskside computers, etc.). This
explicit control yields lower support costs, since there is less variation in the machines, operating systems,
and applications to support. More importantly today, dictating specifically what software,
hardware, and security configurations exist on an end user's machine can significantly reduce the occurrence of
infection by malicious software. If the data pertaining to end user systems is organized and
catalogued as part of normal information security logging activities, an extended picture of what the end
system actually is may be available to the investigator at a moment's notice to enhance incident response
and mitigation. The purpose of this research is to provide a way of cataloguing this data by using and
augmenting existing tools and open source software deployed in an enterprise network.
KEYWORDS
Endpoint security, device fingerprinting, scanning, inventory, BRO IDS, exploit.
For More Details: http://aircconline.com/ijnsa/V10N2/10218ijnsa01.pdf