Communication Networks and Services Research, Annual Conference on (2008)
May 5, 2008 to May 8, 2008
ISBN: 978-0-7695-3135-9
pp: 96-103
ABSTRACT
Attacks and intrusions to information systems cause large revenue losses. The prevention of these attacks is not always possible by just considering information from isolated sources of the network. A global view of the whole system is necessary to react against the different actions of such an attack. The design and deployment of a decentralized system targeted at detecting as well as reacting to information system attacks might benefit from the use of the publish/subscribe model. In this paper, we discuss the advantages and convenience in using this communication paradigm for a general decentralized attack prevention framework and overview the design and implementation of our approach by using a combination of two different publish/subscribe middleware products. Furthermore, we present a quantitative evaluation of our approach.
INDEX TERMS
Network Security, Attack Prevention System, Publish/Subscribe, Message Oriented Middleware, IDMEF
CITATION

J. Borrell, I. Barrera, M. A. Jaeger, G. Mühl and J. Garcia-Alfaro, "Distributed Exchange of Alerts for the Detection of Coordinated Attacks," 2008 6th Annual Communication Networks and Services Research Conference (CNSR '08), Halifax, NS, 2008, pp. 96-103.
doi:10.1109/CNSR.2008.70