Inter-organisational intrusion detection using knowledge grid technology

Michael Pilgermann, Andrew Blyth, Stilianos Vidalis

Research output: Contribution to journal, Article, peer-review

3 Citations (Scopus)

Abstract

Purpose - This paper introduces a solution for employing intrusion detection technology across organisational boundaries by using knowledge grid technology.

Design/methodology/approach - Employment of intrusion detection technology is currently limited to inside organisation deployments. By setting up communities, which maintain trust relationships between network nodes anywhere in the internet, security event data, structured into a common XML-based format, can be exchanged in a secure and reliable manner.

Findings - A modular architecture has been developed which provides functionality to integrate different audit data generating applications and share knowledge about incidents, vulnerabilities and countermeasures from all over the internet. A security policy, based on the Chinese Wall Security Policy, ensures the protection of information inserted into the network.

Research limitations/implications - The solution is currently in a preliminary stage, providing the description of the design only. Implementation as well as evaluation is under development.

Practical implications - Trusting communities everywhere in the internet will be brought into being so that people may establish trust relationships between each other. Participants may decide themselves whom they trust as a source for security-related information rather than depending on centralised approaches.

Originality/value - No approach is known combining the two technologies - intrusion detection and grid - as described in this paper. The decentralised, peer-to-peer based grid approach together with the introduction of trust relationships and communities results in a new way of thinking about distributing security audit data.

Original language: English
Pages (from-to): 327-342
Number of pages: 16
Journal: Information Management & Computer Security
Volume: 14
Issue number: 4
Publication status: Published - 2006

Keywords

  • Computer crime
  • Data security
  • Supply chain management
