An alert communication infrastructure for a decentralized attack prevention framework

J. Garcia, J. Borrell, M.A. Jaeger, G. Muhl
2005 Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology  
The cooperation between the different entities of a decentralized prevention system can be solved efficiently through the use of a publish/subscribe system. Clients share and correlate alert information about the systems they monitor. The brokers themselves form the infrastructure used for the routing of alerts. In this paper we present the advantages and convenience of using this communication model for a general decentralized prevention framework. Then, we present the design for a specific ... n for a specific architecture, and evaluate our design through an available publish/subscribe message-oriented middleware.
doi:10.1109/ccst.2005.1594878 fatcat:67gux77icjemviau3e2spkab4e