Abstract
To counter attacks on networks, new Intrusion Detection System (IDS) approaches have been proposed in recent years. They consist of identifying signatures of known attacks and comparing each request against them to determine whether it is an attack or not. However, these methods fail when the attack is not in the database of signatures. Usually this problem is solved by calling on human expertise to update the database of signatures. However, an attack has frequently already been detected by another organization, and it would be useful to benefit from this knowledge to enrich the database of signatures. Unfortunately, this information is not easy to obtain: organizations do not necessarily want to disclose that they have already faced this type of attack. In this paper we propose a new approach to intrusion detection in a collaborative environment that preserves the privacy of the collaborating organizations. Our approach works for any signature that can be written as a regular expression, ensuring that no information is disclosed about the content of the sites.
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Verma, N., Trousset, F., Poncelet, P., Masseglia, F. (2010). Intrusion Detections in Collaborative Organizations by Preserving Privacy. In: Guillet, F., Ritschard, G., Zighed, D.A., Briand, H. (eds) Advances in Knowledge Discovery and Management. Studies in Computational Intelligence, vol 292. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00580-0_14
DOI: https://doi.org/10.1007/978-3-642-00580-0_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00579-4
Online ISBN: 978-3-642-00580-0
eBook Packages: Engineering, Engineering (R0)