COMPREHENSIVE APPROACH TO INFORMATION SHARING FOR INCREASED NETWORK SECURITY AND SURVIVABILITY

In this article, a comprehensive approach to an information sharing framework aimed at increasing network security and survivability is presented. Currently, comprehensive means of ensuring network security and survivability are in high demand in order to defend against complex cyber-attacks and sophisticated cybercrime. "Comprehensive" is understood as covering (at least) the technical, human, organizational, and regulatory dimensions, where the technical dimension means that both on-line and off-line aspects should be carefully taken into account. The focus of this article is on the technical dimension and, in particular, on information exchange mechanisms for the on-line and off-line dimensions. Firstly, the on-line information exchange mechanism dedicated to interconnected federated networks is described. Then, a proposal for an off-line network information sharing approach covering the results of risk assessment, cybersecurity audits, threat ranking, etc., is discussed. Developments and results of information sharing mechanisms in both the on-line and off-line network security dimensions are also described.
