Distributed exchange of alerts for the detection of coordinated attacks

Author

García Alfaro, Joaquín

Barrera, Ignasi

Borrell Viader, Joan

Jaeger, Michael A.

Mühl, Gero

Other authors

Universitat Oberta de Catalunya. K-ryptography and Information Security for Open Networks (KISON)

Publication date

2010-02-16T11:58:25Z

2008



Abstract

Attacks and intrusions to information systems cause large revenue losses. The prevention of these attacks is not always possible by just considering information from isolated sources of the network. A global view of the whole system is necessary to react against the different actions of such an attack. The design and deployment of a decentralized system targeted at detecting as well as reacting to information system attacks might benefit from the use of the publish/subscribe model. In this paper, we discuss the advantages and convenience in using this communication paradigm for a general decentralized attack prevention framework and overview the design and implementation of our approach by using a combination of two different publish/subscribe middleware products. Furthermore, we present a quantitative evaluation of our approach.

Document Type

Object of conference

Language

English

Subjects and keywords

Computer networks -- Security measures; Computer security; Ordinadors, Xarxes d' -- Mesures de seguretat; Informàtica -- Mesures de seguretat; Ordenadores, Redes de -- Medidas de seguridad; Informática -- Medidas de seguridad

Rights

(c) 2008 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works.
