Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Hsin, WY | en_US |
dc.contributor.author | Tseng, SS | en_US |
dc.contributor.author | Lin, SC | en_US |
dc.date.accessioned | 2014-12-08T15:25:40Z | - |
dc.date.available | 2014-12-08T15:25:40Z | - |
dc.date.issued | 2005 | en_US |
dc.identifier.isbn | 0-7695-2509-1 | en_US |
dc.identifier.uri | http://hdl.handle.net/11536/18091 | - |
dc.description.abstract | We propose a framework for collaborative defense by extending the original distributed intrusion detection model. It contains alert's collector extractor analyzer report's generator alert warehouse and alert's analysis. Besides, we develop a hybrid approach to share security information like raising the wolf smoke to warn partners. By the security information sharing, the members of CSIRT can obtain the solutions of defense, such as blacklists, detection rules, and security knowledge about alerts. The framework provides a solution to build effective cooperative security teams for academia and industry We evaluate the feasibility of our framework and track the spreading behaviors of the SQL Slammer Worm. As a result, we can deploy security system more widely and detect the aggressor's behavior more accurately. The alert-based collaborative defense mechanism can help members to evaluate the impact of the threats and take proper actions to mitigate the risk. | en_US |
dc.language.iso | en_US | en_US |
dc.title | A study of alert-based collaborative defense | en_US |
dc.type | Proceedings Paper | en_US |
dc.identifier.journal | 8th International Symposium on Parallel Architectures, Algorithms and Networks, Proceedings | en_US |
dc.citation.spage | 148 | en_US |
dc.citation.epage | 153 | en_US |
dc.contributor.department | 資訊工程學系 | zh_TW |
dc.contributor.department | Department of Computer Science | en_US |
dc.identifier.wosnumber | WOS:000234708700024 | - |
Appears in Collections: | Conferences Paper |