
Collaborative Attack vs. Collaborative Defense

(Extended Abstract)

  • Conference paper

Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 10)

Abstract

We have witnessed many attacks in cyberspace. However, most attacks are launched by individual attackers, even though an attack may involve many compromised computers. In this paper, we envision what we believe to be the next generation of cyber attacks: collaborative attacks. Collaborative attacks can be launched by multiple attackers (i.e., human attackers or criminal organizations), each of which may have some specialized expertise. This is possible because cyber attacks can become very sophisticated, and specialization of attack expertise naturally becomes relevant. To counter collaborative attacks, we might need collaborative defense, because each “chain” in a collaborative attack may only be adequately dealt with by a different defender. To understand collaborative attack and collaborative defense, we present a high-level abstracted framework for evaluating the effectiveness of collaborative defense against collaborative attacks. As a first step towards realizing and instantiating the framework, we explore a characterization of collaborative attacks and collaborative defense from the relevant perspectives.

Keywords

  • cyber security
  • cyber attack
  • collaborative attack
  • collaborative defense

Chapter length: 12 pages

Copyright information

© 2009 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Xu, S. (2009). Collaborative Attack vs. Collaborative Defense. In: Bertino, E., Joshi, J.B.D. (eds) Collaborative Computing: Networking, Applications and Worksharing. CollaborateCom 2008. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 10. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03354-4_17


  • DOI: https://doi.org/10.1007/978-3-642-03354-4_17

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-03353-7

  • Online ISBN: 978-3-642-03354-4

  • eBook Packages: Computer Science, Computer Science (R0)