The Design of Collaborative Intrusion Detection Networks

Shipping: Unavailable
Price: 413,00 PLN
Our price: 386,15 PLN
You save 6%

Description: The Design of Collaborative Intrusion Detection Networks - Raouf Boutaba, Carol Fung

The rapidly increasing sophistication of cyber intrusions makes them nearly impossible to detect without the use of a collaborative intrusion detection network (IDN). Using overlay networks that allow an intrusion detection system (IDS) to exchange information, IDNs can dramatically improve your overall intrusion detection accuracy. Intrusion Detection Networks: A Key to Collaborative Security focuses on the design of IDNs and explains how to leverage effective and efficient collaboration between participant IDSs. Providing a complete introduction to IDSs and IDNs, it explains the benefits of building IDNs, identifies the challenges underlying their design, and outlines possible solutions to these problems. It also reviews the full range of proposed IDN solutions, analyzing their scope, topology, strengths, weaknesses, and limitations.

Includes a case study that examines the applicability of collaborative intrusion detection to real-world malware detection scenarios
Illustrates distributed IDN architecture design
Considers trust management, intrusion detection decision making, resource management, and collaborator management

The book provides a complete overview of network intrusions, including their potential damage and corresponding detection methods. Covering the range of existing IDN designs, it elaborates on privacy, malicious insiders, scalability, free-riders, collaboration incentives, and intrusion detection efficiency. It also provides a collection of problem solutions to key IDN design challenges and shows how you can use various theoretical tools in this context. The text outlines comprehensive validation methodologies and metrics to help you improve efficiency of detection, robustness against malicious insiders, incentive-compatibility for all participants, and scalability in network size. It concludes by highlighting open issues and future challenges.

INTRODUCTION

CYBER INTRUSIONS AND INTRUSION DETECTION

Cyber Intrusions: Introduction Overview of Cyber Intrusions Malware Vulnerabilities Exploitation Denial-of-Service Attack Web-Based Attacks DNS Attack Organized Attacks and Botnets Spam and Phishing Mobile Device Security Cyber Crime and Cyber Warfare A Taxonomy of Cyber Intrusions Summary

Intrusion Detection: Intrusion Detection Systems Signature-Based and Anomaly-Based IDSs Host-Based and Network-Based IDSs Other Types of IDSs Strength and Limitations of IDSs Collaborative Intrusion Detection Networks Motivation for IDS Collaboration Challenges of IDS Collaboration Overview of Existing Intrusion Detection Networks Cooperation Topology Cooperation Scope Collaboration Type Specialization Cooperation Technologies and Algorithms Data Correlation Trust Management Load Balancing Taxonomy Selected Intrusion Detection Networks Indra DOMINO DShield NetShield CIDS Gossip Worminator ABDIAS CRIM ALPACAS CDDHT SmartScreen Filter CloudAV FFCIDN CMDA Summary

DESIGN OF AN INTRUSION DETECTION NETWORK

Collaborative Intrusion Detection Networks Architecture Design: Introduction Collaboration Framework Network Join Process Consultation Requests Test Messages Communication Overlay Mediator Trust Management Acquaintance Management Resource Management Feedback Aggregation Discussion Privacy Issues Insider Attacks Summary

Trust Management: Introduction Background Trust Management Model Satisfaction Mapping Dirichlet-Based Model Evaluating the Trustworthiness of a Peer Test Message Exchange Rate and Scalability of Our System Robustness against Common Threats Newcomer Attacks Betrayal Attacks Collusion Attacks Inconsistency Attacks Simulations and Experimental Results Simulation Setting Modeling the Expertise Level of a Peer Deception Models Trust Values and Confidence Levels for Honest Peers Trust Values for Dishonest Peers Robustness of Our Trust Model Scalability of Our Trust Model Efficiency of Our Trust Model Conclusions and Future Work

Collaborative Decision: Introduction Background Collaborative Decision Model Modeling of Acquaintances Collaborative Decision Sequential Hypothesis Testing Threshold Approximation Performance Evaluation Simulation Simple Average Model Weighted Average Model Bayesian Decision Model Modeling of a Single IDS Detection Accuracy and Cost Cost under Homogeneous Environment Cost under Heterogeneous Environment Cost and the Number of Acquaintances Sequential Consultation Robustness and Scalability of the System Conclusion

Resource Management: Introduction Background Resource Management and Incentive Design Modeling of Resource Allocation Characterization of Nash Equilibrium Incentive Properties Primal / Dual Iterative Algorithm Experiments and Evaluation Nash Equilibrium Computation Nash Equilibrium Using Distributed Computation Robustness Evaluation Free-Riding Denial-of-Service (DoS) Attacks Dishonest Insiders Large-Scale Simulation Conclusion

Collaborators Selection and Management: Introduction Background IDS Identification and Feedback Aggregation Detection Accuracy for a Single IDS Feedback Aggregation Acquaintance Management Problem Statement Acquaintance Selection Algorithm Acquaintance Management Algorithm Evaluation Simulation Setting Determining the Test Message Rate Efficiency of Our Feedback Aggregation Cost and the Number of Collaborators Efficiency of Acquaintance Selection Algorithms Evaluation of Acquaintance Management Algorithm Convergence Stability Incentive Compatibility Robustness Conclusion and Future Work

OTHER TYPES OF IDN DESIGN

Knowledge-Based Intrusion Detection Networks and Knowledge Propagation: Introduction Background Knowledge Sharing IDN Architecture Network Topology Communication Framework Snort Rules Authenticated Network Join Operation Feedback Collector Trust Evaluation and Acquaintance Management Knowledge Propagation Control An Example Knowledge Sharing and Propagation Model Lower Level - Public Utility Optimization Upper Level - Private Utility Optimization Tuning Parameter Rij Nash Equilibrium Price of Anarchy Analysis Knowledge Propagation Bayesian Learning and Dynamic Algorithms Bayesian Learning Model for Trust Dirichlet Learning Model for Knowledge Quality Credible-Bound Estimation of Trust Dynamic Algorithm to Find the Prime NE at Node Evaluation Simulation Setup Trust Value Learning Convergence of Distributed Dynamic Algorithm Scalability and Quality of Information (QoI) Incentive Compatibility and Fairness Robustness of the System Conclusion

Collaborative Malware Detection Networks: Introduction Background Collaborative Malware Detection Decision Models for Collaborative Malware Detection Static Threshold Weighted Average Decision Tree Bayesian Decision Collaboration Framework Architecture Design Communication Overhead and Privacy Issue Adversaries and Free-Riding Collaborative Decision Model Problem Statement and RevMatch Model Feedback Relaxation Labeled History Update Evaluation Data Sets Experiment Setting Ranking of AVs Static Threshold Weighted Average Decision Tree Bayesian Decision RevMatch Comparison between Different Decision Models Robustness against Insider Attacks Acquaintance List Length and Efficiency Discussion Runtime Efficiency on Decision Partial Feedback Tuning Flexibility Comparison Zero-Day Malware Detection History Poison Flooding Attack Conclusion and Future Work

CONCLUSION

APPENDICES

Examples of Intrusion Detection Rules and Alerts: Examples of Snort Rules Example of an Intrusion Alert in IDMEF Format

Proofs: Proof of Proposition 9.4.3 Proof of Theorem 9.2 Proof of Proposition 9.4.4 Proof of Proposition 9.4.5 Proof of Proposition 9.4.6

References

Index


Details: The Design of Collaborative Intrusion Detection Networks - Raouf Boutaba, Carol Fung

Title: The Design of Collaborative Intrusion Detection Networks
Author: Raouf Boutaba, Carol Fung
Publisher: Auerbach Publishers Inc.
ISBN: 9781466564121
Year of publication: 2013
Number of pages: 261
Binding: Hardcover
Weight: 0.52 kg

