Role-Based Collaboration Model of Security Devices

This paper describes several typical current mechanisms of security device collaboration and summarizes their collaboration models. It then introduces a role-based security collaboration framework that classifies security devices into sensors, analyzers and executors. Based on this framework, a Two-Tiered policy mechanism is proposed to improve the effectiveness of collaboration between sensors and executors.
