TY - JOUR
T1 - Network attack detection and defense - Manifesto of the Dagstuhl Perspective Workshop, March 2nd-6th, 2008
AU - Carle, Georg
AU - Dressler, Falko
AU - Kemmerer, Richard A.
AU - Koenig, Hartmut
AU - Kruegel, Christopher
AU - Laskov, Pavel
PY - 2009/3
Y1 - 2009/3
N2 - This manifesto is the result of the Perspective Workshop Network Attack Detection and Defense held in Schloss Dagstuhl (Germany) from March 2nd-6th, 2008. The participants of the workshop represent researchers from Austria, France, Norway, the Switzerland, the United States, and Germany who work actively in the field of intrusion detection and network monitoring. The workshop attendee's opinion was that intrusion detection and flow analysis, which have been developed as complementary approaches for the detection of network attacks, should more strongly combine event detection and correlation techniques to better meet future challenges in future reactive security. The workshop participants considered various perspectives to envision future network attack detection and defense. The following topics are seen as important in the future: the development of early warning systems, the introduction of situation awareness, the improvement of measurement technology, taxonomy of attacks, the application of intrusion and fraud detection for web services, and anomaly detection. In order to realize those visions the state of the art, the challenges, and research priorities were identified for each topic by working groups. The outcome of the discussion is summarized in working group papers which are published in the workshop proceedings. The papers were compiled by the editors to this manifesto.
AB - This manifesto is the result of the Perspective Workshop Network Attack Detection and Defense held in Schloss Dagstuhl (Germany) from March 2nd-6th, 2008. The participants of the workshop represent researchers from Austria, France, Norway, the Switzerland, the United States, and Germany who work actively in the field of intrusion detection and network monitoring. The workshop attendee's opinion was that intrusion detection and flow analysis, which have been developed as complementary approaches for the detection of network attacks, should more strongly combine event detection and correlation techniques to better meet future challenges in future reactive security. The workshop participants considered various perspectives to envision future network attack detection and defense. The following topics are seen as important in the future: the development of early warning systems, the introduction of situation awareness, the improvement of measurement technology, taxonomy of attacks, the application of intrusion and fraud detection for web services, and anomaly detection. In order to realize those visions the state of the art, the challenges, and research priorities were identified for each topic by working groups. The outcome of the discussion is summarized in working group papers which are published in the workshop proceedings. The papers were compiled by the editors to this manifesto.
KW - Early warning systems
KW - Intrusion detection
KW - Measurement requirements
KW - Network monitoring
KW - Situation awareness
UR - http://www.scopus.com/inward/record.url?scp=61649116563&partnerID=8YFLogxK
U2 - 10.1007/s00450-009-0055-y
DO - 10.1007/s00450-009-0055-y
M3 - Article
AN - SCOPUS:61649116563
SN - 1865-2034
VL - 23
SP - 15
EP - 25
JO - Computer Science - Research and Development
JF - Computer Science - Research and Development
IS - 1
ER -