Presentation is loading. Please wait.

Presentation is loading. Please wait.

Volunteer-based Monitoring System Min Gyung Kang KAIST.

Published byAdrian Morris Modified over 9 years ago

Similar presentations

Presentation on theme: "Volunteer-based Monitoring System Min Gyung Kang KAIST."— Presentation transcript:

1 Volunteer-based Monitoring System Min Gyung Kang KAIST

2 Overview Emergence of new security threats  Worms and viruses  Need for global monitoring infrastructure

3 Overview Global Network Monitoring Infrastructure  DShield collects firewall logs to generate blacklist of attackers trying to perform port scans  DOMINO an architecture for distributed intrusion detection P2P overlay of axis nodes and sets of volunteers  DIMES and NETI@home research projects for gathering topology and traffic statistics data of the Internet

4 Overview Volunteer-based Monitoring System

5 Challenges Luring Participants  the most essential and difficult  reward for participation Timeliness of Feedback  fast propagation speed of malware

6 Challenges (cont’d) Scalability  load balancing issues: a large number of volunteers input data to servers Robustness of Architecture  robust against: External attacks System failure or maintenance downtime

7 Challenges (cont’d) Accuracy of Feedback  problem of frequent false alarms

8 VMS Prototype Agent (v0.1)  using raw socket interface on MS.NET  collecting flow information (srcIP, srcPort, dstIP, dstPort, procesName, numBytes, numPkts)  transmitting log files to the alarm center

9 VMS Prototype Alarm Center  single deployment  providing simple statistics based on volunteers’ flow info

10 Future Work Distributed Alarm Center Design  Scalability and Robustness  P2P overlay vs. pure hierarchy  PlanetLab as a Test Bed Agent Improvement  simple and robust architecture  automatic update

11 Future Work Standardization  log file format  communication protocol

Download ppt "Volunteer-based Monitoring System Min Gyung Kang KAIST."

Similar presentations

Virtual Network Diagnosis as a Service Wenfei Wu (UW-Madison) Guohui Wang (Facebook) Aditya Akella (UW-Madison) Anees Shaikh (IBM System Networking)

Virtual Network Diagnosis as a Service Wenfei Wu (UW-Madison) Guohui Wang (Facebook) Aditya Akella (UW-Madison) Anees Shaikh (IBM System Networking)
Intrusion Detection System(IDS) Overview Manglers Gopal Paliwal Gopal Paliwal Roshni Zawar Roshni Zawar SenthilRaja Velu SenthilRaja Velu Sreevathsa Sathyanarayana.

Intrusion Detection System(IDS) Overview Manglers Gopal Paliwal Gopal Paliwal Roshni Zawar Roshni Zawar SenthilRaja Velu SenthilRaja Velu Sreevathsa Sathyanarayana.
Network Management Basics Network management requirements OSI Management Functional Areas –Network monitoring: performance, fault, accounting –Network.

Network Management Basics Network management requirements OSI Management Functional Areas –Network monitoring: performance, fault, accounting –Network.
Clayton Sullivan PEER-TO-PEER NETWORKS. INTRODUCTION What is a Peer-To-Peer Network A Peer Application Overlay Network Network Architecture and System.

Clayton Sullivan PEER-TO-PEER NETWORKS. INTRODUCTION What is a Peer-To-Peer Network A Peer Application Overlay Network Network Architecture and System.
Internet Measurement Initiatives in the Wisconsin Advanced Internet Lab Paul Barford Computer Science Department University of Wisconsin – Madison Spring,

Internet Measurement Initiatives in the Wisconsin Advanced Internet Lab Paul Barford Computer Science Department University of Wisconsin – Madison Spring,
Extensible Networking Platform 1 1 - IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood

Extensible Networking Platform IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood
SANE: A Protection Architecture for Enterprise Networks Offense by: Amit Mondal Bert Gonzalez.

SANE: A Protection Architecture for Enterprise Networks Offense by: Amit Mondal Bert Gonzalez.
1.  To analyze and explain the IDS placement in network topology  To explain the relationship between honey pots and IDS  To explain, analyze and evaluate.

1.  To analyze and explain the IDS placement in network topology  To explain the relationship between honey pots and IDS  To explain, analyze and evaluate.
 Controls that provide security against internal and external threats  2 Types of access controls: › Physical controls › Logical controls.

 Controls that provide security against internal and external threats  2 Types of access controls: › Physical controls › Logical controls.
5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.

5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.
Distributed Intrusion Detection Systems (dIDS) 2/10 CIS 610.

Distributed Intrusion Detection Systems (dIDS) 2/10 CIS 610.
Probabilistic Data Aggregation Ling Huang, Ben Zhao, Anthony Joseph Sahara Retreat January, 2004.

Probabilistic Data Aggregation Ling Huang, Ben Zhao, Anthony Joseph Sahara Retreat January, 2004.
1 PLuSH – Mesh Tree Fast and Robust Wide-Area Remote Execution Mikhail Afanasyev ‧ Jose Garcia ‧ Brian Lum.

1 PLuSH – Mesh Tree Fast and Robust Wide-Area Remote Execution Mikhail Afanasyev ‧ Jose Garcia ‧ Brian Lum.
Worm Defense. Outline  Internet Quarantine: Requirements for Containing Self-Propagating Code  Netbait: a Distributed Worm Detection Service  Midgard.

Worm Defense. Outline  Internet Quarantine: Requirements for Containing Self-Propagating Code  Netbait: a Distributed Worm Detection Service  Midgard.
Enhanced Secure Dynamic DNS Update with Indirect Route David Wilkinson, C. Edward Chow, Yu Cai 06/11/2004 University of Colorado at Colorado Springs IEEE.

Enhanced Secure Dynamic DNS Update with Indirect Route David Wilkinson, C. Edward Chow, Yu Cai 06/11/2004 University of Colorado at Colorado Springs IEEE.
Data Security in Local Networks using Distributed Firewalls

Data Security in Local Networks using Distributed Firewalls
Introducing Quick Heal Endpoint Security 5.3. “Quick Heal Endpoint Security 5.3 is designed to provide simple, intuitive centralized management and control.

Introducing Quick Heal Endpoint Security 5.3. “Quick Heal Endpoint Security 5.3 is designed to provide simple, intuitive centralized management and control.
Intrusion Detection System Marmagna Desai [ 520 Presentation]

Intrusion Detection System Marmagna Desai [ 520 Presentation]
Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.
INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

Similar presentations

Ads by Google