Log-based distributed intrusion detection for hybrid networks

Authors:
Francoise Sailhan;Julien Bourgeois
Affiliations:
University of Franche-Comté, Montbéliard, France;University of Franche-Comté, Montbéliard, France
Venue:
Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead
Year:
2008

Citing 2
Cited 2

Scalable application layer multicast

Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Scalable Service Discovery for MANET

PERCOM '05 Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications

Adding value to log event correlation using distributed techniques

Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Accountability and Q-Accountable Logging in Wireless Networks

Wireless Personal Communications: An International Journal

Quantified Score

Hi-index	0.01

Visualization

Abstract

We propose a novel hybrid distributed security operation center which collects logs that are generated by any application, service, and protocol regardless of the layer of the protocol stack and the device (e.g., router); providing a global view of the supervised system based on which complex and distributed intrusions can be detected. Our HDSOC further (i) distributes its capabilities and (ii) provides extensive coordination capabilities for guarantying that both the network and the HDSOC components do not constitute isolated entities largely unaware of each others.