Decentralized publish-subscribe system to prevent coordinated attacks via alert correlation

J. García-Alfaro, F. Autrel, J. Borrell, S. Castillo, F. Cuppens, G. Navarro-Arribas

    Research output: Contribution to journal › Article › Research › peer-review

    16 Citations (Scopus)


    We present in this paper a decentralized architecture to correlate alerts between cooperative nodes in a secure multicast infrastructure. The purpose of this architecture is to detect and prevent the use of network resources to perform coordinated attacks against third-party networks. By means of a cooperative scheme based on message passing, the different nodes of this system will collaborate to detect their participation in a coordinated attack and will react to avoid it. An overview of the implementation of this architecture for GNU/Linux systems will demonstrate the practicability of the system. © Springer-Verlag 2004.
    Original language: English
    Pages (from-to): 223-235
    Journal: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
    Publication status: Published - 1 Dec 2004


    • Alert Correlation
    • Intrusion Detection
    • Publish-Subscribe Systems

