A cooperative approach for a global intrusion detection system for internet service providers

R. S. Silva, E. L. C. Macedo

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)

Abstract

Cyber-attacks have become more threatening as Internet evolves, particularly for Internet Service Providers (ISPs) that play a rule of carrying them to their subscribers. In order to protect themselves and their subscribers, ISPs invest in typical protection systems like IDS, IPS, or Firewalls, that are designed for perimeter-based operation. Even though these expensive systems are efficient to protect confined environments, they do not allow ISPs to anticipate cyber-attacks. At most, ISPs might only react to them as soon as possible to maintain network services for legitimate traffic. Based on what prior DIDS approaches have lacked, our approach relies on BGP protocol to interconnect distributed intrusion detection elements, each of which cooperating by sending information about a potential threatening flow that traverses its Autonomous System (AS). We present the architecture of our approach as well as the analytic model based on Dempster-Shafer's combination rule. The results show significant improvement in terms of reliability of the combined information, that enables better countermeasures decisions.
Original languageEnglish
Title of host publication2017 1st Cyber Security in Networking Conference (CSNet)
Pages1-8
Number of pages8
DOIs
Publication statusPublished - 1 Jan 2018

Keywords

  • Internet
  • security of data
  • telecommunication security
  • telecommunication traffic
  • Autonomous System
  • DIDS approaches
  • Dempster-Shafer's combination rule
  • ISPs
  • cyber-attacks
  • distributed intrusion detection elements
  • expensive systems
  • global intrusion detection system
  • internet service providers
  • network services
  • potential threatening flow
  • subscribers
  • typical protection systems
  • Autonomous systems
  • IP networks
  • Intrusion detection
  • Monitoring
  • Protocols

Fingerprint Dive into the research topics of 'A cooperative approach for a global intrusion detection system for internet service providers'. Together they form a unique fingerprint.

Cite this