
Intrusion detection in distributed systems using fingerprinting and massive event correlation

dc.contributor.author: Skopik, Florian
dc.contributor.author: Fiedler, Roman
dc.contributor.editor: Horbach, Matthias
dc.date.accessioned: 2019-03-07T09:31:45Z
dc.date.available: 2019-03-07T09:31:45Z
dc.date.issued: 2013
dc.description.abstract: New computing paradigms, such as mobile computing and cloud computing, introduce considerable vulnerabilities to today's society. Systems do not only become more and more connected and interdependent, but multi-billion dollar markets have led to the emergence of new – economically motivated – forms of crime. Additionally, since most of today's critical infrastructures are controlled by complex ICT systems, service outages due to attacks can cause serious situations. However, because of the increasing scale and complexity of today's networked infrastructures, traditional protection mechanisms, such as firewalls and anti-virus software, seem to become insufficient to guarantee an adequate level of security. In this paper, we present a novel intrusion detection concept which utilizes distributed monitoring and massive data correlation techniques to discover potential attack traces. This is crucial to establish situational awareness on a higher level and finally make informed decisions on mitigation strategies. In contrast to many others, this approach operates not on the network layer, but uses semantically rich service logs. We demonstrate the feasibility of our fingerprint-based anomaly detection approach in the context of a real-world use case and discuss its applicability. (en)
dc.identifier.isbn: 978-3-88579-614-5
dc.identifier.pissn: 1617-5468
dc.identifier.uri: https://dl.gi.de/handle/20.500.12116/20652
dc.language.iso: en
dc.publisher: Gesellschaft für Informatik e.V.
dc.relation.ispartof: INFORMATIK 2013 – Informatik angepasst an Mensch, Organisation und Umwelt
dc.relation.ispartofseries: Lecture Notes in Informatics (LNI) - Proceedings, Volume P-220
dc.title: Intrusion detection in distributed systems using fingerprinting and massive event correlation (en)
dc.type: Text/Conference Paper
gi.citation.endPage: 2254
gi.citation.publisherPlace: Bonn
gi.citation.startPage: 2240
gi.conference.date: 16.-20. September 2013
gi.conference.location: Koblenz
gi.conference.sessiontitle: Regular Research Papers

Files

Original bundle
Name: 2240.pdf
Size: 404.49 KB
Format: Adobe Portable Document Format