Publications by Type: Conference and Workshop Publications

See also conference papers, workshop papers, demos, and posters (under construction).

Policy-Controlled Event Management for Distributed Intrusion Detection
Citation key: KS-PEMDID-05
Author: Kreibich, Christian and Sommer, Robin
Title of Book: ICDCSW '05: Proceedings of the Fourth International Workshop on Distributed Event-Based Systems (DEBS) (ICDCSW'05)
Pages: 385–391
Year: 2005
ISBN: 0-7695-2328-5
DOI: http://dx.doi.org/10.1109/ICDCSW.2005.112
Address: Washington, DC, USA
Publisher: IEEE Computer Society
Abstract: A powerful strategy in intrusion detection is the separation of surveillance mechanisms from a site's policy for processing observed events. The Bro intrusion detection system has been using the notion of policy-neutral events as the basic building blocks for the formulation of a site's security policy since its conception. A recent addition to the system is the ability to exchange events with other Bro peers to allow distributed detection. In this paper we extend Bro's existing event model to fulfill the requirements of scalable policy-controlled distributed event management, including mechanisms for event publication, subscription, processing, propagation, and correlation.