Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik GmbH Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik GmbH scholarly article en Carle, Georg; Debar, Hervé; Dressler, Falko; König, Hartmut http://www.dagstuhl.de/dagrep License
when quoting this document, please refer to the following
DOI:
URN: urn:nbn:de:0030-drops-34761
URL:

; ; ;
Weitere Beteiligte (Hrsg. etc.): Georg Carle and Hervé Debar and Falko Dressler and Hartmut König

Network Attack Detection and Defense Early Warning Systems - Challenges and Perspectives (Dagstuhl Seminar 12061)

pdf-format:


Abstract

The increasing dependence of human society on information technology (IT) systems requires appropriate measures to cope with their misuse. The growing potential of threats, which make these systems more and more vulnerable, is caused by the complexity of the technologies themselves. The potential of threats in networked systems will further grow as well as the number of individuals who are able to abuse these systems. It becomes increasingly apparent that IT security cannot be achieved by prevention alone. Preventive measures and reactive aspects need to complement one another. A major challenge of modern IT security technologies is to cope with an exploding variability of attacks which stems from a significant commercial motivation behind them. Increasingly proactive measures are required to ward off these threats. Increased efforts in research and society are required to protect critical civil infrastructures, such as the health care system, the traffic system, power supply, trade, military networks, and others in developed countries. This is a consequence of the increasing shift of industrial IT systems to the IP protocol leading to sensible IT infrastructures which are more vulnerable as the proprietary systems used in the past. The abundance of services of modern infrastructures critically depends on information and communication technologies. Though, being key enablers of critical infrastructures, these technologies are, at the same time, reckoned among the most vulnerable elements of the whole system. The cooperative information exchange between institutions is mandatory in order to detect distributed and coordinated attacks. Based on a large-scale acquisition of pertinent information, Early Warning Systems are a currently pursued approach to draw up situation pictures that allows the detection of trends and upcoming threats, allowing furthermore taking appropriate measures. The Dagstuhl seminar brought together researchers from academia and industry. The objective of the seminar was to further discuss challenges and methods in the area of attack detection and defense. The seminar was supposed to focus on design aspects of early warning systems and related monitoring infrastructures, e.g., intrusion detection overlays, to protect computer systems, networks, and critical infrastructures. The seminar was jointly organized by Georg Carle, Hervé Debar, Hartmut König, and Jelena Mirkovic. It was attended by 34 participants from nine countries.

BibTeX - Entry

@Article{carle_et_al:DR:2012:3476,
  author =	{Georg Carle and Herv{\'e} Debar and Falko Dressler and Hartmut K{\"o}nig},
  title =	{{Network Attack Detection and Defense Early Warning Systems - Challenges and Perspectives (Dagstuhl Seminar 12061)}},
  pages =	{1--20},
  journal =	{Dagstuhl Reports},
  ISSN =	{2192-5283},
  year =	{2012},
  volume =	{2},
  number =	{2},
  editor =	{Georg Carle and Herv{\'e} Debar and Falko Dressler and Hartmut K{\"o}nig},
  publisher =	{Schloss Dagstuhl--Leibniz-Zentrum fuer Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{http://drops.dagstuhl.de/opus/volltexte/2012/3476},
  URN =		{urn:nbn:de:0030-drops-34761},
  doi =		{http://dx.doi.org/10.4230/DagRep.2.2.1},
  annote =	{Keywords: early warning systems, critical infrastructure protection, botnets, intrusion detection, malware assessment, vulnerability analysis, network}
}

Keywords: early warning systems, critical infrastructure protection, botnets, intrusion detection, malware assessment, vulnerability analysis, network
Freie Schlagwörter (englisch): monitoring, flow analysis, denial-of-service detection and response, event correlation, attack response and countermeasures
Seminar: Dagstuhl Reports, Volume 2, Issue 2
Issue date: 2012
Date of publication: 2012


DROPS-Home | Fulltext Search | Imprint Published by LZI