Jules Pagna Disso, K. Jones, P. Williams, Alan Steer
2011 IEEE 5th International Conference on Internet Multimedia Systems Architecture and Application. Published 2011-12-01. DOI: 10.1109/IMSAA.2011.6156366 (https://doi.org/10.1109/IMSAA.2011.6156366)
A distributed attack detection and mitigation framework
Despite the efforts of security communities, the gap between the available protection against cyber-attacks and the number of successful attacks remains significant. The need for new countermeasures is clear and urgent, as cyber-attacks are more than ever capable of causing loss of human life, destroying the environment, and causing a high level of disruption to critical infrastructures. The impact of cyber-attacks is sometimes comparable to the impact of traditional military actions. However, the lack of understanding of the scope of attacks and how they operate could lead to unsuccessful protection mechanisms. We have analysed attacks targeting IT and business networks and critical infrastructure; as a result, we present four levels of visibility of attacks that need to be considered when designing or implementing security mechanisms. In our discussion of these four levels of visibility of attacks, we particularly focus on one level where malicious users' actions are direct threats to the targeted system yet are not visible to the targeted systems. We conclude by presenting our detection and mitigation framework concept.