Network defence is an elusive art. The tools for defending our devices and networks constantly lag behind the methods attackers use to break into them. To counteract this trend, we developed a distributed approach composed of collaborative end-host detectors. Simulations reveal dramatic improvements over stand-alone detectors in accuracy (fewer false alarms) and in quality (the ability to capture stealthy anomalies that would otherwise go undetected). Although these results derive from botnet detection in enterprise networks, they apply more broadly to the self-manageability of pervasive computing devices. To test this claim, Intel Corporation partnered with British Telecommunications plc to launch a trial deployment. In this paper, we report on architectural insights and validation methodologies gleaned from the development of a testbed infrastructure and from phased experiments. Finally, we propose Collaborative Defence as a blueprint for emergent collaborative systems, and its measurement-everywhere approach as the adaptive underpinning that pervasive services need.
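The mechanism behind the claimed improvement, as an added toy simulation that is not the paper's simulator or the Intel/BT testbed code: each host produces a local anomaly score, a stand-alone detector alarms only on its own score, and a collaborative detector pools the scores that peers share and alarms on the pooled statistic. Everything about the model is an assumption for illustration: Gaussian N(0, 1) scores on clean hosts, a stealthy +1.0 shift on infected hosts during the outbreak, 30 of 50 hosts infected, the thresholds, and the use of the enterprise-wide mean as the pooled statistic. The point it demonstrates is the one the abstract states: per-host noise that triggers stand-alone alarms averages out when pooled, while a per-host signal too small to cross any local threshold adds up across hosts.

```python
"""Toy simulation: stand-alone vs collaborative end-host anomaly detection.

Added illustration, not the paper's simulator. Assumptions (all constructed):
- each host emits one Gaussian anomaly score per time step, N(0, 1) when clean;
- an outbreak adds a small, stealthy +1.0 shift to the scores of infected hosts;
- the collaborative detector pools the scores every host shares with its peers
  (here: the mean across all hosts) and alarms on the pooled statistic.
"""
import random

HOSTS = 50
STEPS = 200
OUTBREAK = range(120, 160)   # steps during which the outbreak is active (assumed)
INFECTED = 30                # hosts touched by the outbreak (assumed)
STEALTH_SHIFT = 1.0          # per-host signal too weak to stand out on one host
LOCAL_THRESHOLD = 3.0        # stand-alone alarm: ~0.13% false alarms per host-step
POOLED_THRESHOLD = 0.4       # collaborative alarm on the mean of 50 shared scores


def generate_scores(seed=7):
    """Return scores[t][h]: constructed anomaly scores for each step and host."""
    rng = random.Random(seed)
    scores = []
    for t in range(STEPS):
        row = []
        for h in range(HOSTS):
            s = rng.gauss(0.0, 1.0)
            if t in OUTBREAK and h < INFECTED:
                s += STEALTH_SHIFT
            row.append(s)
        scores.append(row)
    return scores


def standalone_alarm(row):
    """Stand-alone detector: alarms if any host's own score crosses its local threshold."""
    return any(s > LOCAL_THRESHOLD for s in row)


def collaborative_alarm(row):
    """Collaborative detector: hosts share scores and alarm on the pooled mean.

    Pooling shrinks the noise (std 1/sqrt(HOSTS)) while the stealthy shift on
    INFECTED hosts survives as a mean shift of INFECTED * STEALTH_SHIFT / HOSTS.
    """
    return sum(row) / len(row) > POOLED_THRESHOLD


def evaluate(detector, scores):
    """Count false-alarm steps during the clean period and detected outbreak steps."""
    false_alarms = sum(1 for t, row in enumerate(scores)
                       if t not in OUTBREAK and detector(row))
    detections = sum(1 for t, row in enumerate(scores)
                     if t in OUTBREAK and detector(row))
    return {"false_alarm_steps": false_alarms,
            "clean_steps": STEPS - len(OUTBREAK),
            "detected_steps": detections,
            "outbreak_steps": len(OUTBREAK)}


def compare(seed=7):
    """Run both detectors over the same constructed score stream."""
    scores = generate_scores(seed)
    return {"standalone": evaluate(standalone_alarm, scores),
            "collaborative": evaluate(collaborative_alarm, scores)}


if __name__ == "__main__":
    for name, r in compare().items():
        print(f"{name:14s} false alarms {r['false_alarm_steps']:3d}/{r['clean_steps']}"
              f"  detected {r['detected_steps']:3d}/{r['outbreak_steps']}")
```

With these parameters the stand-alone rule fires spuriously on a few percent of clean steps (50 hosts each rolling a 3-sigma event) yet catches only about half of the outbreak steps, while the pooled rule rarely fires on clean steps and catches most of the outbreak. The gain comes entirely from sharing measurements, which is why the pooled statistic, and not any single host's score, is what a collaborative design should threshold.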