Share Email Print

Proceedings Paper

Identifying and tracking attacks on networks: C3I displays and related technologies
Author(s): Gavin W. Manes; J. Dawkins; Sujeet Shenoi; John C. Hale
Format Member Price Non-Member Price
PDF $14.40 $18.00
cover GOOD NEWS! Your organization subscribes to the SPIE Digital Library. You may be able to download this paper for free. Check Access

Paper Abstract

Converged network security is extremely challenging for several reasons; expanded system and technology perimeters, unexpected feature interaction, and complex interfaces all conspire to provide hackers with greater opportunities for compromising large networks. Preventive security services and architectures are essential, but in and of themselves do not eliminate all threat of compromise. Attack management systems mitigate this residual risk by facilitating incident detection, analysis and response. There are a wealth of attack detection and response tools for IP networks, but a dearth of such tools for wireless and public telephone networks. Moreover, methodologies and formalisms have yet to be identified that can yield a common model for vulnerabilities and attacks in converged networks. A comprehensive attack management system must coordinate detection tools for converged networks, derive fully-integrated attack and network models, perform vulnerability and multi-stage attack analysis, support large-scale attack visualization, and orchestrate strategic responses to cyber attacks that cross network boundaries. We present an architecture that embodies these principles for attack management. The attack management system described engages a suite of detection tools for various networking domains, feeding real-time attack data to a comprehensive modeling, analysis and visualization subsystem. The resulting early warning system not only provides network administrators with a heads-up cockpit display of their entire network, it also supports guided response and predictive capabilities for multi-stage attacks in converged networks.

Paper Details

Date Published: 22 September 2003
PDF: 9 pages
Proc. SPIE 5071, Sensors, and Command, Control, Communications, and Intelligence (C3I) Technologies for Homeland Defense and Law Enforcement II, (22 September 2003); doi: 10.1117/12.500850
Show Author Affiliations
Gavin W. Manes, Univ. of Tulsa (United States)
J. Dawkins, Univ. of Tulsa (United States)
Sujeet Shenoi, Univ. of Tulsa (United States)
John C. Hale, Univ. of Tulsa (United States)

Published in SPIE Proceedings Vol. 5071:
Sensors, and Command, Control, Communications, and Intelligence (C3I) Technologies for Homeland Defense and Law Enforcement II
Edward M. Carapezza, Editor(s)

© SPIE. Terms of Use
Back to Top