Conference Paper

Intrusion detection in distributed systems using fingerprinting and massive event correlation

Document Type
Text/Conference Paper
Date
2013
Source
INFORMATIK 2013 – Informatik angepasst an Mensch, Organisation und Umwelt
Regular Research Papers
Publisher
Gesellschaft für Informatik e.V.
Abstract
New computing paradigms, such as mobile computing and cloud computing, introduce considerable vulnerabilities to today's society. Not only do systems become more and more connected and interdependent, but multi-billion dollar markets have also led to the emergence of new, economically motivated forms of crime. Additionally, since most of today's critical infrastructures are controlled by complex ICT systems, service outages due to attacks can cause serious situations. However, because of the increasing scale and complexity of today's networked infrastructures, traditional protection mechanisms, such as firewalls and anti-virus software, seem to become insufficient to guarantee an adequate level of security. In this paper, we present a novel intrusion detection concept which utilizes distributed monitoring and massive data correlation techniques to discover potential attack traces. This is crucial to establish situational awareness on a higher level and finally make informed decisions on mitigation strategies. In contrast to many others, this approach operates not on the network layer, but uses semantically rich service logs. We demonstrate the feasibility of our fingerprint-based anomaly detection approach in the context of a real-world use case and discuss its applicability.
Description
Skopik, Florian; Fiedler, Roman (2013): Intrusion detection in distributed systems using fingerprinting and massive event correlation. INFORMATIK 2013 – Informatik angepasst an Mensch, Organisation und Umwelt. Bonn: Gesellschaft für Informatik e.V. PISSN: 1617-5468. ISBN: 978-3-88579-614-5. pp. 2240-2254. Regular Research Papers. Koblenz. 16-20 September 2013