Framework for evaluating collaborative intrusion detection systems

Securing IT infrastructures of our modern lives is a challenging task because of their increasing complexity, scale and agile nature. Monolithic approaches such as using stand-alone firewalls and IDS devices for protecting the perimeter cannot cope with complex malwares and multistep attacks. Collaborative security emerges as a promising approach. But, research results in collaborative security are not mature, yet, and they require continuous evaluation and testing. In this work, we present CIDE, a Collaborative Intrusion Detection Extension for the network security simulation platform (NeSSi2). Built-in functionalities include dynamic group formation based on node preferences, group-internal communication, group management and an approach for handling the infection process for malwarebased attacks. The CIDE simulation environment provides functionalities for easy implementation of collaborating nodes in large-scale setups. We evaluate the group communication mechanism on the one hand and provide a case study and evaluate our collaborative security evaluation platform in a signature exchange scenario on the other.

Grunewald, Dennis; Chinnow, Joel; Bye, Rainer; Camtepe, Ahmet; Albayrak, Sahin (2011): Framework for evaluating collaborative intrusion detection systems. INFORMATIK 2011 – Informatik schafft Communities. Bonn: Gesellschaft für Informatik e.V.. PISSN: 1617-5468. ISBN: 978-88579-286-4. pp. 116-116. Regular Research Papers. Berlin. 4.-7. Oktober 2011

Sammlungen

P192 - INFORMATIK 2011 - Informatik schafft Communities

Komplettanzeige

Framework for evaluating collaborative intrusion detection systems

Volltext URI

Dokumententyp

Dateien

Zusatzinformation

Datum

Autor:innen

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Quelle

Verlag

Zusammenfassung

Beschreibung

Schlagwörter

Zitierform

DOI

Tags

Sammlungen

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.