Sciweavers

CNSR
2008
IEEE

Distributed Exchange of Alerts for the Detection of Coordinated Attacks

Attacks on and intrusions into information systems cause large revenue losses. Preventing these attacks is not always possible when considering only information from isolated sources in the network. A global view of the whole system is necessary to react to the different actions of such an attack. The design and deployment of a decentralized system targeted at detecting as well as reacting to information system attacks might benefit from the use of the publish/subscribe model. In this paper, we discuss the advantages and convenience of using this communication paradigm for a general decentralized attack prevention framework and give an overview of the design and implementation of our approach, which uses a combination of two different publish/subscribe middleware products. Furthermore, we present a quantitative evaluation of our approach.
Added: 29 May 2010
Updated: 29 May 2010
Type: Conference
Year: 2008
Where: CNSR
Authors: Joaquín García-Alfaro, Michael A. Jaeger, Gero Mühl, I. Barrera, Joan Borrell