A hierarchical mobile-agent-based security operation center

Jung Shian Li, Che Jen Hsieh, Husan Yeh Lin

Research output: Article, peer-reviewed

9 Citations (Scopus)

Abstract

The continuous evolvement of the e-domain has led to a significant increase in the amount of sensitive personal information stored on networked hosts. These hosts are invariably protected by security mechanisms such as intrusion detection systems, Intrusion Prevention System (IPS), antivirus software, firewalls, and so forth. However, they still remain vulnerable to the threat of malicious attacks, theft and intrusion. The high false positive alarm rate of such mechanisms is particularly troublesome because false alarms greatly degrade the efficiency of the security framework. Security operation centers (SOCs) provide an automated solution for analyzing the threat to a network such that appropriate protective measures can be put in place. This paper proposes a novel hierarchical mobile-agent-based SOC to overcome the vulnerability of traditional static SOCs to single point of failure attacks. In addition, the network is partitioned into multiple divisions, each with its own alert detection and aggregation methodology to improve the computational efficiency of the data collection and fusion process. The data acquired in the various divisions are fused and correlated in an efficient manner via intrusion detection message exchange format, XML, session and timer methods. The experimental results confirm the effectiveness and efficiency of the proposed hierarchical mobile-agent-based SOC framework.

Original language: English
Pages (from-to): 1503-1519
Number of pages: 17
Journal: International Journal of Communication Systems
Volume: 26
Issue number: 12
Publication status: Published - December 1, 2013

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Electrical and Electronic Engineering
