We present a prototype of an Intrusion Warning System that combines the event message flows of multiple domain-specific security tools in order to detect anomalies for early warning and response. Unlike other approaches for cooperating Intrusion Detection Systems (IDS), we suggest a modified star-shaped architecture for distributing attack information and feeding back warning messages. We assume that almost no properties are known, neither of the underlying information-providing local security tools nor of their local security policies. Such heterogeneous environments are typical for dynamic coalitions like NATO. We extended a well-known hierarchical distributed IDS architecture to provide Meta IDS services with feedback to the local acces...
In this paper early detection of distributed attacks is discussed that are launched from multiple s...
Abstract Evidence of attacks against a network and its resources is often scattered over several hos...
The constant increase of malware threats clearly shows that the present countermeasures are not suff...
The rapidly increasing array of Internet-scale threats is a pressing problem for every organization ...
The complexity of modern networked information systems, as well as all the defense-in-depth best prac...
Abstract—The complexity of modern networked information systems, as well as all the defense-in-depth...
Intrusion detection systems are used for monitoring the network data, analyze them and find the intr...
In this paper we address the problem of detecting faulty behaviors of cooperative mobile agents. A n...
The original approach to intrusion detection was based on the deployment of a centralized component ...
The IT infrastructure of today needs to be ready to defend against massive cyber-attacks which often...
This paper presents a distributed intrusion detection system IDS, based on the concept of specialize...
We present a method for detecting large-scale worm attacks using only end-host detectors. These dete...
Intrusion detection technique is an important subtask that aggregates alerts. Alert aggregation goal is ...
Part 6: PhD Workshop—Intrusion Detection. International audience. We present distributed self-organized ...