Anonymous and Distributed Community Cyberincident Detection

Author

Harrison, Kevin ; White, Gregory B.

Author_Institution

Univ. of Texas at San Antonio, San Antonio, TX, USA

Volume

11

Issue

5

fYear

2013

fDate

Sept.-Oct. 2013

Firstpage

20

Lastpage

27

Abstract

Communities are under attack from a variety of threat agents. The repercussions from these attacks will grow more severe as communities become increasingly reliant on cyberspace. Communities must be prepared to prevent, detect, respond to, and recover from a wide variety of cyberincidents. The timely and useful detection of cyberattacks is a first step toward fast and effective response and recovery. However, centralized community cyberincident detection scales poorly, and community members are understandably hesitant to share sensitive security information. Anonymity is vital to protecting participants´ privacy, and thereby encouraging their participation. A community cyberincident detection framework based on an anonymous, distributed, scalable information-sharing architecture addresses these issues.

Keywords

data privacy; distributed processing; anonymous cyberincident detection; centralized community cyberincident detection; cyberspace; distributed community cyberincident detection; participant privacy protection; scalable information-sharing architecture; sensitive security information; Communities; Computer security; Information management; Peer-to-peer computing; Privacy; Scalability; anonymity; collaborative intrusion detection; community; distributed hash table; information sharing; intrusion detection; network security; privacy; security;

fLanguage

English

Journal_Title

Security & Privacy, IEEE

Publisher

ieee

ISSN

1540-7993

Type

jour

DOI

10.1109/MSP.2013.24

Filename

6484051