Skip to Main Content
Communities are under attack from a variety of threat agents. The repercussions from these attacks will grow more severe as communities become increasingly reliant on cyberspace. Communities must be prepared to prevent, detect, respond to, and recover from a wide variety of cyberincidents. The timely and useful detection of cyberattacks is a first step toward fast and effective response and recovery. However, centralized community cyberincident detection scales poorly, and community members are understandably hesitant to share sensitive security information. Anonymity is vital to protecting participants' privacy, and thereby encouraging their participation. A community cyberincident detection framework based on an anonymous, distributed, scalable information-sharing architecture addresses these issues.