Privacy-Enabled Global Threat Monitoring

Author

Porras, Phillip A.

Author_Institution

SRI Int., Menlo Park, CA

Volume

4

Issue

6

fYear

2006

Firstpage

60

Lastpage

63

Abstract

The history of intrusion detection research gives a nice example of a community in a perpetual race to stay relevant. While we once focused on detecting user account misuse in mainframes, we then moved on to local area network abuse, and then to address the scalability problems in enterprise-wide detection. With the rise of e-commerce in the late 1990s, we intrusion detection developers have had to react to the emergence of script kiddies and Web defacements. Distributed denial-of-service attacks and wide-scale virus propagation soon followed, as did a new term, malware research, to address the growing concern about viruses and self-replicating worms spreading across the Internet at alarming speeds. More recently, we´ve had to consider the problem of botnets, which can organize and maintain illicit control of thousands of machines for months at a time to spread spam, conduct phishing attacks, or steal data or computing resources. Over the past decade, intrusion detection research has rarely been boring

Keywords

Internet; computer crime; computer viruses; data privacy; Internet; Web defacements; botnets; computer viruses; distributed denial-of-service attacks; enterprise-wide detection; global threat monitoring; intrusion detection research; local area network abuse; mainframes; malware research; phishing attacks; script kiddies; self-replicating worms; user account misuse; wide-scale virus propagation; Circuits; Collaboration; Data privacy; Data security; Filtering; Intrusion detection; Large-scale systems; Monitoring; Probes; Telecommunication traffic; intrusion detection; privacy; security;

fLanguage

English

Journal_Title

Security & Privacy, IEEE

Publisher

ieee

ISSN

1540-7993

Type

jour

DOI

10.1109/MSP.2006.161

Filename

4042659