Conference Proceedings

Relieving hot spots in collaborative intrusion detection systems during worm outbreaks

Chenfeng Vincent Zhou, Shanika Karunasekera, Christopher Leckie

2008 IEEE NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM, VOLS 1 AND 2 | IEEE | Published : 2008

Abstract

The increasing number of stealthy and coordinated attacks on the Internet poses a significant threat to network security. Collaborative intrusion detection systems (CIDSs) have therefore been proposed to address this coordinated defense challenge by correlating patterns of suspicious activity based on the source addresses of the suspicious incoming traffic. However, during worm outbreaks, there can be a rapid growth in suspicious evidence that is reported about individual sources of the worm outbreak. In CIDSs that correlate suspicious activity by source address, the evidence relating to these worm spread sources can cause a load "hot-spot", which severely degrades the overall performance of ..
