Decentralized publish-subscribe system to prevent coordinated attacks via alert correlation. García-Alfaro, J., Autrel, F., Borrell, J., Castillo, S., Cuppens, F., & Navarro-Arribas, G. In López, J., Qing, S., & Okamoto, E., editors, 6th International Conference on Information and communications Security, volume 3269 of Lecture Notes in Computer Science, pages 223–235, October 2004. Springer Verlag. SCI-JCR(2004): 0.51 (Q3), (acceptance rate: 17%), ISSN 0302-9743, CORE(2008) B, CORE(2008) C, CiteSeer VIP(2007) 0.02 (371/581).

Abstract: We present in this paper a decentralized architecture to correlate alerts between cooperative nodes in a secure multicast infrastructure. The purpose of this architecture is to detect and prevent the use of network resources to perform coordinated attacks against third party networks. By means of a cooperative scheme based on message passing, the different nodes of this system will collaborate to detect its participation on a coordinated attack and will react to avoid it. An overview of the implementation of this architecture for GNU/Linux systems will demonstrate the practicability of the system.

@inproceedings {garcia-alfaro04:_decen_publis_subsc_system_to,
author = {J. Garc{\'i}a-Alfaro and F. Autrel and J. Borrell and S.
Castillo and F. Cuppens and G. Navarro-Arribas},
title = {Decentralized publish-subscribe system to prevent coordinated
attacks via alert correlation},
booktitle = {6th International Conference on Information and
communications Security},
publisher = {Springer Verlag},
year = 2004,
editor = {J. López and S. Qing and E. Okamoto},
volume = 3269,
series = {Lecture Notes in Computer Science},
pages = {223--235},
month = oct,
abstract = {We present in this paper a decentralized architecture to
correlate alerts between cooperative nodes in a secure
multicast infrastructure. The purpose of this architecture is
to detect and prevent the use of network resources to perform
coordinated attacks against third party networks. By means of
a cooperative scheme based on message passing, the different
nodes of this system will collaborate to detect its
participation on a coordinated attack and will react to avoid
it. An overview of the implementation of this architecture
for GNU/Linux systems will demonstrate the practicability of
the system.},
keywords = {Intrusion Detection, Publish-Subscribe Systems, Alert
Correlation},
issn = {0302-9743},
project = {TIC2001-5108-E, TIC2003-02041},
doi = {http://dx.doi.org/10.1007/b101042},
url =
{https://link.springer.com/chapter/10.1007/978-3-540-30191-2_18},
classification-cv ={lncs},
googlescholar-citedby =11,
accept-rate = {42/245},
note = {SCI-JCR(2004): 0.51 (Q3), (acceptance rate: 17\%),ISSN
0302-9743, CORE(2008) B, CORE(2008) C, CiteSeer VIP(2007)
0.02 (371/581)},
}