Auflistung nach Autor:in "Chinnow, Joel"
1 - 2 von 2
Treffer pro Seite
Sortieroptionen
- KonferenzbeitragEvaluation of attacks and countermeasures in large scale networks(INFORMATIK 2011 – Informatik schafft Communities, 2011) Chinnow, Joel; Bye, Rainer; Camtepe, Ahmet; Bsufka, Karsten; Albayrak, SahinComputer worms represent a serious threat for modern communication infrastructures. These epidemics can cause great damage such as financial losses or interruption of critical services which support lives of citizens. These worms can spread with a speed which prevents instant human intervention. Therefore automatic detection and mitigation techniques need to be developed. However, if these techniques are not designed and intensively tested in realistic environments, they may cause even more harm as they heavily interfere with high volume communication flows. We present a simulation model which allows studies of worm spread and counter measures in large scale multi-AS topologies with millions of IP addresses.
- KonferenzbeitragFramework for evaluating collaborative intrusion detection systems(INFORMATIK 2011 – Informatik schafft Communities, 2011) Grunewald, Dennis; Chinnow, Joel; Bye, Rainer; Camtepe, Ahmet; Albayrak, SahinSecuring IT infrastructures of our modern lives is a challenging task because of their increasing complexity, scale and agile nature. Monolithic approaches such as using stand-alone firewalls and IDS devices for protecting the perimeter cannot cope with complex malwares and multistep attacks. Collaborative security emerges as a promising approach. But, research results in collaborative security are not mature, yet, and they require continuous evaluation and testing. In this work, we present CIDE, a Collaborative Intrusion Detection Extension for the network security simulation platform (NeSSi2). Built-in functionalities include dynamic group formation based on node preferences, group-internal communication, group management and an approach for handling the infection process for malwarebased attacks. The CIDE simulation environment provides functionalities for easy implementation of collaborating nodes in large-scale setups. We evaluate the group communication mechanism on the one hand and provide a case study and evaluate our collaborative security evaluation platform in a signature exchange scenario on the other.