A Study of Alert-Based Collaborative Defense

Las Vegas, Nevada, USA December 07-December 09

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ISPAN.2005.13

8th International Symposium on Parall ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Wen-Yi Hsin Articles by Shun-Chieh Lin Articles by Shian-Shyong Tseng

	ASCII Text	x
	Wen-Yi Hsin, Shun-Chieh Lin, Shian-Shyong Tseng, "A Study of Alert-Based Collaborative Defense," Parallel Architectures, Algorithms, and Networks, International Symposium on, pp. 148-153, 8th International Symposium on Parallel Architectures,Algorithms and Networks (ISPAN'05), 2005.

	BibTex	x
	@article{ 10.1109/ISPAN.2005.13, author = {Wen-Yi Hsin and Shun-Chieh Lin and Shian-Shyong Tseng}, title = {A Study of Alert-Based Collaborative Defense}, journal ={Parallel Architectures, Algorithms, and Networks, International Symposium on}, volume = {0}, year = {2005}, issn = {1087-4089}, pages = {148-153}, doi = {http://doi.ieeecomputersociety.org/10.1109/ISPAN.2005.13}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Parallel Architectures, Algorithms, and Networks, International Symposium on TI - A Study of Alert-Based Collaborative Defense SN - 1087-4089 SP148 EP153 A1 - Wen-Yi Hsin, A1 - Shun-Chieh Lin, A1 - Shian-Shyong Tseng, PY - 2005 KW - null VL - 0 JA - Parallel Architectures, Algorithms, and Networks, International Symposium on ER -

Wen-Yi Hsin, National Chiao Tung University, Taiwan

Shun-Chieh Lin, National Chiao Tung University, Taiwan

Shian-Shyong Tseng, Asia University, Taiwan

We propose a framework for collaborative defense by extending the original distributed intrusion detection model. It contains alert's collector, extractor, analyzer, report's generator, alert warehouse and alert's analysis. Besides, we develop a hybrid approach to share security information like raising the wolf smoke to warn partners. By the security information sharing, the members of CSIRT can obtain the solutions of defense, such as blacklists, detection rules, and security knowledge about alerts. The framework provides a solution to build effective cooperative security teams for academia and industry.We evaluate the feasibility of our framework and track the spreading behaviors of the SQL Slammer Worm. As a result, we can deploy security system more widely and detect the aggressor's behavior more accurately. The alert-based collaborative defense mechanism can help members to evaluate the impact of the threats and take proper actions to mitigate the risk.

Citation:

Wen-Yi Hsin, Shun-Chieh Lin, Shian-Shyong Tseng, "A Study of Alert-Based Collaborative Defense," ispan, pp.148-153, 8th International Symposium on Parallel Architectures,Algorithms and Networks (ISPAN'05), 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.