Design and Modeling of Collaboration Architecture for Security

Abstract

Threats against computer networks evolve very fast and require more and more complex measures. We argue that teams respectively groups with a common purpose for intrusion detection and prevention improve the measures against rapid propagating attacks similar to the concept of teams solving complex tasks known from field of work sociology. Collaboration in this sense is not easy task especially for heterarchical environments. We propose CIMD (Collaborative Intrusion and Malware Detection) as a security overlay framework to enable cooperative intrusion detection approaches. Objectives and associated interests are used to create detection groups for exchange of security-related data. In this work, we contribute a tree-oriented data model for device representation in the scope of security. We introduce an algorithm for the formation of detection groups, show realization strategies for the system and conduct vulnerability analysis. We evaluate the benefit of CIMD by simulation and probabilistic analysis.

@article{bye:2009:CTS,
author = {Rainer Bye and Seyit A. Camtepe and Sahin Albayrak},
title = {Design and modeling of collaboration architecture for security},
journal ={Collaborative Technologies and Systems, International Symposium on},
volume = {0},
year = {2009},
isbn = {978-1-4244-4584-4},
pages = {330-341},
doi = {http://doi.ieeecomputersociety.org/10.1109/CTS.2009.5067498},
publisher = {IEEE Computer Society},
address = {Los Alamitos, CA, USA},
keywords={ Architectures and Design of Collaborative Systems, Modeling and Simulation of Collaboration, Collaborative Intrusion and Malware Detection, Enterprise Security, Peer-to-Peer for Security, Intrusion Detection.},
}
Authors:
Rainer Bye, Seyit Ahmet Camtepe, Sahin Albayrak
Category:
Conference Paper
Year:
2009
Location:
International Symposium on Collaborative Technologies and Systems