Title :
A distributed attack detection and mitigation framework
Author :
Disso, Jules Ferdinand Pagna ; Jones, Kevin ; Williams, Patrick ; Steer, Alan
Author_Institution :
Innovation Works, EADS, Bristol, UK
Abstract :
Despite the efforts of security communities, the gap between the available protection against cyber-attacks and the number of successful attacks remains significant. The need for new countermeasures is clear and urgent, as cyber-attacks are more than ever capable of causing loss of human life, destroying the environment, and causing a high level of disruption to critical infrastructures. The impact of cyber-attacks is sometimes comparable to the impact of traditional military actions. However, the lack of understanding of the scope of attacks and how they operate could lead to unsuccessful protection mechanisms. We have analysed attacks targeting IT and business networks and critical infrastructure; as a result, we present four levels of visibility of attacks that need to be considered when designing or implementing security mechanisms. In our discussion of these four levels of visibility of attacks, we particularly focus on one level where malicious users' actions are direct threats to the targeted system yet not visible to the targeted systems. We conclude by presenting our detection and mitigation framework concept.
Keywords :
security of data; cyber-attacks; detection framework; distributed attack detection; mitigation framework; protection mechanism; security mechanism; Computers; Google; IP networks; Malware; Search engines; Servers; Attack Analysis; Attack Framework; Attack Mitigation; Attack Visibility; Critical Infrastructure Protection; Drive By Download; Firewall; Google Hacking; IDS
Conference_Title :
Internet Multimedia Systems Architecture and Application (IMSAA), 2011 IEEE 5th International Conference on
Conference_Location :
Bangalore, Karnataka
Print_ISBN :
978-1-4577-1329-3
DOI :
10.1109/IMSAA.2011.6156366