Collaborative incident handling based on the blackboard-pattern

Nadine Herold, Holger Kinkelin, Georg Carle

Publication: Contribution to book/report/conference proceedings › Conference contribution › Peer-reviewed

3 citations (Scopus)

Abstract

Defending computer networks from ongoing security incidents is a key requirement to ensure service continuity. Handling incidents in real-time is a complex process consisting of the three single steps: intrusion detection, alert processing and intrusion response. For useful and automated incident handling a comprehensive view on the process and tightly interleaved single steps are required. Existing solutions for incident handling merely focus on a single step leaving the other steps completely aside. Incompatible and encapsulated partial solutions are the consequence. This paper proposes an incident handling system (IHS) based on a novel execution model that allows interleaving and collaborative interaction between the incident handling steps realized using the Blackboard Pattern. Our holistic information model lays the foundation for a conflict-free collaboration. The incident handling steps are further segmented into exchangeable functional blocks distributed across the network. To show the applicability of our approach, typical use cases for incident handling systems are identified and tested with our implementation.

Original language: English
Title: WISCS 2016 - Proceedings of the 2016 ACM Workshop on Information Sharing and Collaborative Security, co-located with CCS 2016
Publisher: Association for Computing Machinery, Inc
Pages: 25-34
Number of pages: 10
ISBN (electronic): 9781450345651
DOIs
Publication status: Published - 24 Oct. 2016
Event: 3rd ACM Workshop on Information Sharing and Collaborative Security, WISCS 2016 - Vienna, Austria
Duration: 24 Oct. 2016 → …

Publication series

Name: WISCS 2016 - Proceedings of the 2016 ACM Workshop on Information Sharing and Collaborative Security, co-located with CCS 2016

Conference

Conference: 3rd ACM Workshop on Information Sharing and Collaborative Security, WISCS 2016
Country/Territory: Austria
City: Vienna
Period: 24/10/16 → …
