Intrusion Detection Networks
A Key to Collaborative Security
Carol Fung and Raouf Boutaba
(2017)
Language: English
Product details
- Paperback: 262 pages
- Publisher: Auerbach Publishers, Incorporated (October 2017)
- Authors: Carol Fung and Raouf Boutaba
- ISBN: 9781138198890
The rapidly increasing sophistication of cyber intrusions makes them nearly impossible to detect without the use of a collaborative intrusion detection network (IDN). Using overlay networks that allow an intrusion detection system (IDS) to exchange information, IDNs can dramatically improve your overall intrusion detection accuracy.
Intrusion Detection Networks: A Key to Collaborative Security focuses on the design of IDNs and explains how to leverage effective and efficient collaboration between participant IDSs. Providing a complete introduction to IDSs and IDNs, it explains the benefits of building IDNs, identifies the challenges underlying their design, and outlines possible solutions to these problems. It also reviews the full range of proposed IDN solutions, analyzing their scope, topology, strengths, weaknesses, and limitations.
- Includes a case study that examines the applicability of collaborative intrusion detection to real-world malware detection scenarios
- Illustrates distributed IDN architecture design
- Considers trust management, intrusion detection decision making, resource management, and collaborator management
The book provides a complete overview of network intrusions, including their potential damage and corresponding detection methods. Covering the range of existing IDN designs, it elaborates on privacy, malicious insiders, scalability, free-riders, collaboration incentives, and intrusion detection efficiency. It also provides a collection of problem solutions to key IDN design challenges and shows how you can use various theoretical tools in this context.
The text outlines comprehensive validation methodologies and metrics to help you improve efficiency of detection, robustness against malicious insiders, incentive-compatibility for all participants, and scalability in network size. It concludes by highlighting open issues and future challenges.
CYBER INTRUSIONS AND INTRUSION DETECTION
- Cyber Intrusions: Introduction Overview of Cyber Intrusions Malware Vulnerabilities Exploitation Denial-of-Service Attack Web-Based Attacks DNS Attack Organized Attacks and Botnets Spam and Phishing Mobile Device Security Cyber Crime and Cyber Warfare A Taxonomy of Cyber Intrusions Summary
- Intrusion Detection: Intrusion Detection Systems Signature-Based and Anomaly-Based IDSs Host-Based and Network-Based IDSs Other Types of IDSs Strength and Limitations of IDSs Collaborative Intrusion Detection Networks Motivation for IDS Collaboration Challenges of IDS Collaboration Overview of Existing Intrusion Detection Networks Cooperation Topology Cooperation Scope Collaboration Type Specialization Cooperation Technologies and Algorithms Data Correlation Trust Management Load Balancing Taxonomy Selected Intrusion Detection Networks Indra DOMINO DShield NetShield CIDS Gossip Worminator ABDIAS CRIM ALPACAS CDDHT SmartScreen Filter CloudAV FFCIDN CMDA Summary
DESIGN OF AN INTRUSION DETECTION NETWORK
- Collaborative Intrusion Detection Networks Architecture Design: Introduction Collaboration Framework Network Join Process Consultation Requests Test Messages Communication Overlay Mediator Trust Management Acquaintance Management Resource Management Feedback Aggregation Discussion Privacy Issues Insider Attacks Summary
- Trust Management: Introduction Background Trust Management Model Satisfaction Mapping Dirichlet-Based Model Evaluating the Trustworthiness of a Peer Test Message Exchange Rate and Scalability of Our System Robustness against Common Threats Newcomer Attacks Betrayal Attacks Collusion Attacks Inconsistency Attacks Simulations and Experimental Results Simulation Setting Modeling the Expertise Level of a Peer Deception Models Trust Values and Confidence Levels for Honest Peers Trust Values for Dishonest Peers Robustness of Our Trust Model Scalability of Our Trust Model Efficiency of Our Trust Model Conclusions and Future Work
- Collaborative Decision: Introduction Background Collaborative Decision Model Modeling of Acquaintances Collaborative Decision Sequential Hypothesis Testing Threshold Approximation Performance Evaluation Simulation Simple Average Model Weighted Average Model Bayesian Decision Model Modeling of a Single IDS Detection Accuracy and Cost Cost under Homogeneous Environment Cost under Heterogeneous Environment Cost and the Number of Acquaintances Sequential Consultation Robustness and Scalability of the System Conclusion
- Resource Management: Introduction Background Resource Management and Incentive Design Modeling of Resource Allocation Characterization of Nash Equilibrium Incentive Properties Primal / Dual Iterative Algorithm Experiments and Evaluation Nash Equilibrium Computation Nash Equilibrium Using Distributed Computation Robustness Evaluation Free-Riding Denial-of-Service (DoS) Attacks Dishonest Insiders Large-Scale Simulation Conclusion
- Collaborators Selection and Management: Introduction Background IDS Identification and Feedback Aggregation Detection Accuracy for a Single IDS Feedback Aggregation Acquaintance Management Problem Statement Acquaintance Selection Algorithm Acquaintance Management Algorithm Evaluation Simulation Setting Determining the Test Message Rate Efficiency of Our Feedback Aggregation Cost and the Number of Collaborators Efficiency of Acquaintance Selection Algorithms Evaluation of Acquaintance Management Algorithm Convergence Stability Incentive Compatibility Robustness Conclusion and Future Work
OTHER TYPES OF IDN DESIGN
- Knowledge-Based Intrusion Detection Networks and Knowledge Propagation: Introduction Background Knowledge Sharing IDN Architecture Network Topology Communication Framework Snort Rules Authenticated Network Join Operation Feedback Collector Trust Evaluation and Acquaintance Management Knowledge Propagation Control An Example Knowledge Sharing and Propagation Model Lower Level - Public Utility Optimization Upper Level - Private Utility Optimization Tuning Parameter Rij Nash Equilibrium Price of Anarchy Analysis Knowledge Propagation Bayesian Learning and Dynamic Algorithms Bayesian Learning Model for Trust Dirichlet Learning Model for Knowledge Quality Credible-Bound Estimation of Trust Dynamic Algorithm to Find the Prime NE at Node Evaluation Simulation Setup Trust Value Learning Convergence of Distributed Dynamic Algorithm Scalability and Quality of Information (QoI) Incentive Compatibility and Fairness Robustness of the System Conclusion
- Collaborative Malware Detection Networks: Introduction Background Collaborative Malware Detection Decision Models for Collaborative Malware Detection Static Threshold Weighted Average