• DocumentCode
    2965198
  • Title

    V-COPS: A Vulnerability-Based Cooperative Alert Distribution System

  • Author

    Chen, Shiping ; Liu, Dongyu ; Chen, Songqing ; Jajodia, Sushil

  • Author_Institution
    Center for Secure Inf. Syst., George Mason Univ., Fairfax, VA
  • fYear
    2006
  • fDate
    Dec. 2006
  • Firstpage
    43
  • Lastpage
    56
  • Abstract
    The efficiency of promptly releasing security alerts of established analysis centers has been greatly challenged by the continuous emergence of various large scale network attacks, such as worms. With a limited number of sensors deployed over the Internet and a long attack verification period, when the alert is released by analysis centers, the best time to stop the attack may have passed. On the other hand, (1) most of the past large scale attacks targeted known vulnerabilities, and (2) today numerous Internet systems have integrated detection tools, such as virus detection software and intrusion detection systems (IDS), the power of which could be harnessed to defend against large scale attacks. In this paper, we propose V-COPS - a vulnerability-based cooperative alert distribution system, by leveraging existing independent local attack detection systems. V-COPS is capable of promptly propagating genuine alerts with critical vulnerability information, based on which relevant stakeholders can take preventive actions in time. Extensive analysis and experiments have been performed to study the performance of V-COPS. The preliminary results show V-COPS is effective
  • Keywords
    Internet; security of data; Internet; V-COPS; analysis centers; attack detection; attack verification; critical vulnerability information; integrated detection tools; large scale network attacks; security alerts; vulnerability-based cooperative alert distribution system; Computer science; Computer security; Computer worms; Information analysis; Information security; Information systems; Internet; Intrusion detection; Large scale integration; Large-scale systems;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Applications Conference, 2006. ACSAC '06. 22nd Annual
  • Conference_Location
    Miami Beach, FL
  • ISSN
    1063-9527
  • Print_ISBN
    0-7695-2716-7
  • Type

    conf

  • DOI
    10.1109/ACSAC.2006.54
  • Filename
    4041153