Vasilomanolakis, Emmanouil ; Kruegl, Matthias ; Garcia Cordero, Carlos ; Fischer, Mathias ; Mühlhäuser, Max (2015)
SkipMon: a Locality-Aware Collaborative Intrusion Detection System.
Nanjing, China
doi: 10.1109/PCCC.2015.7410282
Conference publication, Bibliography
Abstract
Due to the increasing quantity and sophistication of cyber-attacks, Intrusion Detection Systems (IDSs) are nowadays considered mandatory security mechanisms for protecting critical networks. Research on cyber-security is moving from such isolated IDSs towards Collaborative IDSs (CIDSs) in order to protect large-scale networks. In CIDSs, a number of IDS sensors work together for creating a holistic picture of the monitored network. Our contribution in this paper is a novel distributed and scalable CIDS, called SkipMon. Our system supports both the idea of locality and privacy-preserving communication by means of exchanging compact alert data. Furthermore, we propose a mechanism for interconnecting sensors that experience similar traffic patterns. The experimental results suggest that our CIDS, with our technique of connecting monitoring nodes that experience similar traffic, is scalable and offers a good accuracy rate compared to a centralized system with full knowledge of the participating sensors’ data.
Item type: | Conference publication |
---|---|
Published: | 2015 |
Author(s): | Vasilomanolakis, Emmanouil ; Kruegl, Matthias ; Garcia Cordero, Carlos ; Fischer, Mathias ; Mühlhäuser, Max |
Entry type: | Bibliography |
Title: | SkipMon: a Locality-Aware Collaborative Intrusion Detection System |
Language: | German |
Publication year: | December 2015 |
Publisher: | IEEE |
Book title: | International Performance Computing and Communications Conference (IPCCC) |
Event location: | Nanjing, China |
DOI: | 10.1109/PCCC.2015.7410282 |
Uncontrolled keywords: | Secure Services;- SSI - Area Secure Smart Infrastructures |
ID number: | TUD-CS-2015-1258 |
Department(s)/field(s): | 20 Department of Computer Science; 20 Department of Computer Science > Telecooperation; LOEWE; LOEWE > LOEWE Centers; LOEWE > LOEWE Centers > CASED – Center for Advanced Security Research Darmstadt |
Date deposited: | 31 Dec 2016 12:59 |
Last modified: | 14 Jun 2021 06:14 |