A Robust Clustering Algorithm Based on Competitive Agglomeration and Soft Rejection of Outliers
CVPR '96 Proceedings of the 1996 Conference on Computer Vision and Pattern Recognition (CVPR '96)
Monitoring and early warning for internet worms
Proceedings of the 10th ACM conference on Computer and communications security
The Information Security Dictionary: Defining The Terms That Define Security For E-business, Internet, Information And Wireless Technology (KLUWER INTERNATIONAL SERIES IN ENGINEERING AND COMPUTER SCIENCE)
Computer Viruses and Malware (Advances in Information Security)
Computer Viruses and Malware (Advances in Information Security)
Privacy-Respecting Intrusion Detection (Advances in Information Security)
Privacy-Respecting Intrusion Detection (Advances in Information Security)
Toward Automated Dynamic Malware Analysis Using CWSandbox
IEEE Security and Privacy
Linear-Time Computation of Similarity Measures for Sequential Data
The Journal of Machine Learning Research
Applying Machine Learning Techniques for Detection of Malicious Code in Network Traffic
KI '07 Proceedings of the 30th annual German conference on Advances in Artificial Intelligence
Learning and Classification of Malware Behavior
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Automated classification and analysis of internet malware
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Intelligent network-based early warning systems
CRITIS'06 Proceedings of the First international conference on Critical Information Infrastructures Security
Requirements of information reductions for cooperating intrusion detection agents
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
Improving the efficiency of misuse detection
DIMVA'05 Proceedings of the Second international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
ADWICE – anomaly detection with real-time incremental clustering
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
The nepenthes platform: an efficient approach to collect malware
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
IEEE Transactions on Information Theory
Cooperation enablement for centralistic early warning systems
Proceedings of the 2010 ACM Symposium on Applied Computing
Early warning system for cascading effect control in energy control systems
CRITIS'10 Proceedings of the 5th international conference on Critical Information Infrastructures Security
| Hi-index | 0.00 |
We present the architecture of an automatic early warning system (EWS) that aims at providing predictions and advice regarding security threats in information and communication technology without incorporation of cognitive abilities of humans and forms the basis for drawing a situation picture. Our EWS particularly targets the growing malware threat and shall achieve the required capabilities by combining malware collectors, malware analysis systems, malware behavior clustering, signature generation and distribution and malware/misuse detection system into an integrated process chain. The quality and timeliness of the results delivered by the EWS are influenced by the number and location of participating partners that share information on security incidents. In order to enable such a cooperation and an effective deployment of the EWS, interests and confidentiality requirements of the parties involved need to be carefully examined. We discuss technical details of the EWS components, evaluate alternatives and examine the interests of all parties involved in the anticipated deployment scenario.