Full metadata record
DC Field | Value | Language
dc.contributor.author | Hsin, WY | en_US
dc.contributor.author | Tseng, SS | en_US
dc.contributor.author | Lin, SC | en_US
dc.date.accessioned | 2014-12-08T15:25:40Z | -
dc.date.available | 2014-12-08T15:25:40Z | -
dc.date.issued | 2005 | en_US
dc.identifier.isbn | 0-7695-2509-1 | en_US
dc.identifier.uri | http://hdl.handle.net/11536/18091 | -
dc.description.abstract | We propose a framework for collaborative defense by extending the original distributed intrusion detection model. It contains alert's collector, extractor, analyzer, report's generator, alert warehouse, and alert's analysis. Besides, we develop a hybrid approach to share security information like raising the wolf smoke to warn partners. By the security information sharing, the members of CSIRT can obtain the solutions of defense, such as blacklists, detection rules, and security knowledge about alerts. The framework provides a solution to build effective cooperative security teams for academia and industry. We evaluate the feasibility of our framework and track the spreading behaviors of the SQL Slammer Worm. As a result, we can deploy security system more widely and detect the aggressor's behavior more accurately. The alert-based collaborative defense mechanism can help members to evaluate the impact of the threats and take proper actions to mitigate the risk. | en_US
dc.language.iso | en_US | en_US
dc.title | A study of alert-based collaborative defense | en_US
dc.type | Proceedings Paper | en_US
dc.identifier.journal | 8th International Symposium on Parallel Architectures, Algorithms and Networks, Proceedings | en_US
dc.citation.spage | 148 | en_US
dc.citation.epage | 153 | en_US
dc.contributor.department | 資訊工程學系 | zh_TW
dc.contributor.department | Department of Computer Science | en_US
dc.identifier.wosnumber | WOS:000234708700024 | -
Appears in Collections: Conferences Paper