By Topic

Information sharing requirements and framework needed for community cyber incident detection and response

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Harrison, K. ; Dept. of Comput. Sci., Univ. of Texas at San Antonio, San Antonio, TX, USA ; White, G.

Communities, and the critical infrastructure that they rely upon, are becoming ever increasingly integrated into cyberspace. At the same time, communities are experiencing increasing activity and sophistication from a variety of threat agents. The effect of cyber attacks on communities has been observed, and the frequency and devastation of these attacks can only increase in the foreseeable future. Early detection of these attacks is critical for a fast and effective response. We propose detecting community cyber incidents by comparing indicators from community members across space and time. Performing spatiotemporal differentiation on these indicators requires that community members, such as private and governmental organizations, share information about these indicators. However, community members are, for good reasons, reluctant to share sensitive security related information. Additionally, sharing large amounts of information with a trusted, centralized location introduces scalability and reliability problems. In this paper we define the information sharing requirements necessary for fast, effective community cyber incident detection and response, while addressing both privacy and scalability concerns. Furthermore, we introduce a framework to meet these requirements, and analyze a proof of concept implementation.

Published in:

Homeland Security (HST), 2012 IEEE Conference on Technologies for

Date of Conference:

13-15 Nov. 2012