Framework for evaluating collaborative intrusion detection systems
dc.contributor.author | Grunewald, Dennis | |
dc.contributor.author | Chinnow, Joel | |
dc.contributor.author | Bye, Rainer | |
dc.contributor.author | Camtepe, Ahmet | |
dc.contributor.author | Albayrak, Sahin | |
dc.contributor.editor | Heiß, Hans-Ulrich | |
dc.contributor.editor | Pepper, Peter | |
dc.contributor.editor | Schlingloff, Holger | |
dc.contributor.editor | Schneider, Jörg | |
dc.date.accessioned | 2018-11-27T10:00:21Z | |
dc.date.available | 2018-11-27T10:00:21Z | |
dc.date.issued | 2011 | |
dc.description.abstract | Securing the IT infrastructures of our modern lives is a challenging task because of their increasing complexity, scale and agile nature. Monolithic approaches such as using stand-alone firewalls and IDS devices for protecting the perimeter cannot cope with complex malware and multistep attacks. Collaborative security emerges as a promising approach. However, research results in collaborative security are not yet mature, and they require continuous evaluation and testing. In this work, we present CIDE, a Collaborative Intrusion Detection Extension for the network security simulation platform (NeSSi2). Built-in functionalities include dynamic group formation based on node preferences, group-internal communication, group management and an approach for handling the infection process for malware-based attacks. The CIDE simulation environment provides functionalities for easy implementation of collaborating nodes in large-scale setups. We evaluate the group communication mechanism on the one hand, and on the other provide a case study and evaluate our collaborative security evaluation platform in a signature exchange scenario. | en |
dc.identifier.isbn | 978-88579-286-4 | |
dc.identifier.pissn | 1617-5468 | |
dc.identifier.uri | https://dl.gi.de/handle/20.500.12116/18840 | |
dc.language.iso | en | |
dc.publisher | Gesellschaft für Informatik e.V. | |
dc.relation.ispartof | INFORMATIK 2011 – Informatik schafft Communities | |
dc.relation.ispartofseries | Lecture Notes in Informatics (LNI) - Proceedings, Volume P-192 | |
dc.title | Framework for evaluating collaborative intrusion detection systems | en |
dc.type | Text/Conference Paper | |
gi.citation.endPage | 116 | |
gi.citation.publisherPlace | Bonn | |
gi.citation.startPage | 116 | |
gi.conference.date | 4.-7. Oktober 2011 | |
gi.conference.location | Berlin | |
gi.conference.sessiontitle | Regular Research Papers |