Decentralized publish-subscribe system to prevent coordinated attacks via alert correlation

J. García-Alfaro, F. Autrel, J. Borrell, S. Castillo, F. Cuppens, G. Navarro-Arribas

    Research output: Contribution to journal › Article › Research › Peer-reviewed

    16 Citations (Scopus)

    Abstract

    We present in this paper a decentralized architecture to correlate alerts between cooperative nodes in a secure multicast infrastructure. The purpose of this architecture is to detect and prevent the use of network resources to perform coordinated attacks against third-party networks. By means of a cooperative scheme based on message passing, the different nodes of this system will collaborate to detect their participation in a coordinated attack and will react to avoid it. An overview of the implementation of this architecture for GNU/Linux systems will demonstrate the practicability of the system. © Springer-Verlag 2004.
    Original language: English
    Pages (from-to): 223-235
    Journal: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
    Publication status: Published - 1 Dec 2004
