V-COPS: A Vulnerability-Based Cooperative Alert Distribution System

Shiping Chen; Sushil Jajodia; Dongyu Liu; Songqing Chen

doi:10.1109/ACSAC.2006.54

A
ACSAC
2006
22nd Annual Computer Security Applications Conference (ACSAC'06)
Abstract - V-COPS: A Vulnerability-Based Cooperative Alert Distribution System

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Shiping Chen Articles by Dongyu Liu Articles by Songqing Chen Articles by Sushil Jajodia

22nd Annual Computer Security Applications Conference (ACSAC'06)

V-COPS: A Vulnerability-Based Cooperative Alert Distribution System

Miami Beach, Florida, USA

December 11-December 15

ISBN: 0-7695-2716-7

	ASCII Text	x
	Shiping Chen, Dongyu Liu, Songqing Chen, Sushil Jajodia, "V-COPS: A Vulnerability-Based Cooperative Alert Distribution System," Computer Security Applications Conference, Annual, pp. 43-56, 22nd Annual Computer Security Applications Conference (ACSAC'06), 2006.

	BibTex	x
	@article{ 10.1109/ACSAC.2006.54, author = {Shiping Chen and Dongyu Liu and Songqing Chen and Sushil Jajodia}, title = {V-COPS: A Vulnerability-Based Cooperative Alert Distribution System}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2006}, issn = {1063-9527}, pages = {43-56}, doi = {http://doi.ieeecomputersociety.org/10.1109/ACSAC.2006.54}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - V-COPS: A Vulnerability-Based Cooperative Alert Distribution System SN - 1063-9527 SP43 EP56 A1 - Shiping Chen, A1 - Dongyu Liu, A1 - Songqing Chen, A1 - Sushil Jajodia, PY - 2006 KW - null VL - 0 JA - Computer Security Applications Conference, Annual ER -

Shiping Chen, George Mason University, USA; Sybase Inc., USA

Dongyu Liu, George Mason University, USA

Songqing Chen, George Mason University, USA

Sushil Jajodia, George Mason University, USA

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ACSAC.2006.54

The efficiency of promptly releasing security alerts of established analysis centers has been greatly challenged by the continuous emergence of various large scale network attacks, such as worms. With a limited number of sensors deployed over the Internet and a long attack verification period, when the alert is released by analysis centers, the best time to stop the attack may have passed. On the other hand, (1) most of the past large scale attacks targeted known vulnerabilities, and (2) today numerous Internet systems have integrated detection tools, such as virus detection software and intrusion detection systems (IDS), the power of which could be harnessed to defend against large scale attacks.

In this paper, we propose V-COPS -- a vulnerabilitybased cooperative alert distribution system, by leveraging existing independent local attack detection systems. VCOPS is capable of promptly propagating genuine alerts with critical vulnerability information, based on which relevant stakeholders can take preventive actions in time. Extensive analysis and experiments have been performed to study the performance of V-COPS. The preliminary results show V-COPS is effective.

Citation:

Shiping Chen, Dongyu Liu, Songqing Chen, Sushil Jajodia, "V-COPS: A Vulnerability-Based Cooperative Alert Distribution System," acsac, pp.43-56, 22nd Annual Computer Security Applications Conference (ACSAC'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.