A multi-level security based autonomic parameter selection approach for an effective and early detection of internet worms

Kumar Simkhada, Tarik Taleb, Yuji Waizumi, Abbas Jamalipour, Kazuo Hashimoto, Nei Kato, Yoshiaki Nemoto

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

In light of the fast propagation of recent Internet worms, human intervention in securing the Internet during worm outbreaks is of little significance. In order to reduce the damage worms may cause, existing Intrusion Detection Systems (IDSs) need to be adaptive to the security-related requirements of their monitoring networks. This paper presents a Multilevel security based Autonomic Parameter Selector (MAPS) that can be implemented over any existing IDSs. The deployment architecture consists of a number of hierarchically placed local security managers, metropolitan security managers, and a global security manager. These security managers report events to a Worm Advisory System (WAS). WAS accordingly sets the threat level of the network. Based on this level, MAPS selects the most optimum parameters for the entire IDS to combat against the propagating worm. The MAPS architecture maintains the system performance by constantly evaluating three metrics, namely False Negative Avoidance, False Positive Avoidance, and Performance Overhead. Extensive experiments, using real network traffic and a recently proposed worm detection system, demonstrate that MAPS is capable of advising an IDS with optimum parameter values to effectively and promptly hinder further propagation of worms.

Original languageEnglish
Title of host publicationIEEE GLOBECOM 2006 - 2006 Global Telecommunications Conference
DOIs
Publication statusPublished - 2006 Dec 1
Externally publishedYes
EventIEEE GLOBECOM 2006 - 2006 Global Telecommunications Conference - San Francisco, CA, United States
Duration: 2006 Nov 272006 Dec 1

Publication series

NameGLOBECOM - IEEE Global Telecommunications Conference

Conference

ConferenceIEEE GLOBECOM 2006 - 2006 Global Telecommunications Conference
CountryUnited States
CitySan Francisco, CA
Period06/11/2706/12/1

ASJC Scopus subject areas

  • Engineering(all)

Fingerprint Dive into the research topics of 'A multi-level security based autonomic parameter selection approach for an effective and early detection of internet worms'. Together they form a unique fingerprint.

  • Cite this

    Simkhada, K., Taleb, T., Waizumi, Y., Jamalipour, A., Hashimoto, K., Kato, N., & Nemoto, Y. (2006). A multi-level security based autonomic parameter selection approach for an effective and early detection of internet worms. In IEEE GLOBECOM 2006 - 2006 Global Telecommunications Conference [4150932] (GLOBECOM - IEEE Global Telecommunications Conference). https://doi.org/10.1109/GLOCOM.2006.302