Towards Optimal Sensor Placement Strategies for Early Warning Systems

Authors: Philipp Trinius, Jan Gerrit Göbel

Abstract: A network early warning system consists of several distributed sensors to detect malicious activity. The effectiveness of such systems critically depends on the sensor deployment strategy used. We therefore analysed attack patterns of software collected at sensors worldwide to determine an optimal strategy. Our results show that, due to the small numbers of attackers shared among networks, the benefit of large-scale deployment is rather limited. However, there is some evidence that a world-wide geographical distribution has a beneficial effect on the average time.
