ABSTRACT
Recent evidence of successful Internet-based attacks and frauds involving financial institutions highlights the inadequacy of the existing protection mechanisms, in which each institution implements its own isolated monitoring and reaction strategy. Analyzing on-line activity and detecting attacks on a large scale is an open issue due to the huge volume of events that must be collected and processed. In this paper, we propose a large-scale distributed event processing system, called intelligence cloud, that allows financial entities to participate in a widely distributed monitoring and detection effort through the exchange and processing of information locally available at each participating site. We expect this approach to be able to handle large volumes of events arriving at high rates from multiple domains of the financial scenario. We describe a framework based on the intelligence cloud in which each participant can receive early alerts, enabling it to deploy proactive countermeasures and mitigation strategies.
Defending financial infrastructures through early warning systems: the intelligence cloud approach