research-article

Defending financial infrastructures through early warning systems: the intelligence cloud approach

Authors:

Leonardo Querzoni,

Roberto Baldoni,

Mirco Marchetti,

Michele Colajanni,

Vita Bortnikov,

Gregory Chockler,

Gennady Laventman,

Alexey RoytmanAuthors Info & Claims

CSIIRW '09: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies

Article No.: 18, Pages 1 - 4

https://doi.org/10.1145/1558607.1558628

Published: 13 April 2009 Publication History

Abstract

Recent evidence of successful Internet-based attacks and frauds involving financial institutions highlights the inadequacy of the existing protection mechanisms, in which each instutition implements its own isolated monitoring and reaction strategy. Analyzing on-line activity and detecting attacks on a large scale is an open issue due to the huge amounts of events that should be collected and processed. In this paper, we propose a large-scale distributed event processing system, called intelligence cloud, allowing the financial entities to participate in a widely distributed monitoring and detection effort through the exchange and processing of information locally available at each participating site. We expect this approach to be able to handle large amounts of events arriving at high rates from multiple domains of the financial scenario. We describe a framework based on the intelligence cloud where each participant can receive early alerts enabling them to deploy proactive countermeasures and mitigation strategies.

References

[1]

http://hadoop.apache.org/

[2]

http://www.comifin.eu/

[3]

http://www.jaql.org/

[4]

http://www.json.org/

[5]

System S, http://domino.research.ibm.com/comm/research_projects.nsf/pages/esps.index.html

[6]

AT&T "Protect your business by preventing Internet attacks", September 2004, http://www.corp.att.com/emea/docs/pb/internet_protect.pdf

[7]

ChronoPay Suffers DDoS Attack, http://www.kommersant.com/p876309/r_500/electronic_payment_processing

[8]

FBI investigates 9 Million ATM scam, http://www.myfoxny.com/dpp/news/090202_FBI_Investigates_9_Million_ATM_Scam

[9]

Liberty Reserve is down under DDoS attack, http://www.ecommerce-journal.com/news/libertyreserve_what_is_going_on

[10]

National Australia Bank hit by DDoS attack, http://www.zdnet.com.au/news/security/soa/National-Australia-Bank-hit-by-DDoS-attack/0,130061744,339271790,00.htm

[11]

Netcraft, Payment Gateway StormPay Battling Sustained DDoS Attack, http://news.netcraft.com/, 10th February, 2006

[12]

Update: Credit card firm hit by DDoS attack, http://www.computerworld.com/securitytopics/security/story/0,10801,96099,00.html

[13]

R. Baldoni, R. Beraldi, V. Quema, L. Querzoni, and S. Tucci-Piergiovanni, "TERA: topic-based event routing for peer-to-peer architectures", In Proc. of the 2007 ACM international conference on Distributed event-based systems, 2007

Digital Library

[14]

R. Baldoni, S. Bonomi, L. Querzoni, and S. Tucci-Piergiovanni, "Investigating the Existence and the Regularity of Logarithmic Harary Graphs", In Proc. of the IEEE International Symposium on Reliable Distributed Systems, 2008 (extended version to appear in Theoretical Computer Science).

Digital Library

[15]

N. Bansal, R. Bhagwan, N. Jain, Y. Park, D. S. Turaga, C. Venkaramani, "Towards Optimal Operator Placement in Partial-Fault Tolerant Applications", IEEE Infocom 2008, April, Phoenix, AZ

[16]

D. Bickson, Y. Tock, O. Shental, D. Dolev, "Polynomial Linear Programming with Gaussian Belief Propagation", In Proc. 46th Annual Allerton Conference on Communication, Control, and Computing, Monticello, IL, USA, September 2008.

[17]

G. Chockler, R. Melamed, Y. Tock, R. Vitenberg "SpiderCast: An Interest-Aware Unstructured Overlay for Topic-Based Publish/Subscribe", LADIS 2008.

[18]

F. Fu, D. S. Turaga, O. Verscheure, M. Van der Schaar, and L. Amini, "Configuring networked classifiers in distributed and resource constrained stream processing systems", In Proc. of ICASSP 2007.

[19]

Girdzijauskas, G. Chockler, Melamed, Y. Tock. "Gravity: An Interest-Aware Publish/Subscribe System Based on Structured Overlays". In Proc. of DEBS'08 (fast abstract), Rome, July 2008.

[20]

R. Melamed and I. Keidar, "Araneola: A Scalable Reliable Multicast System for Dynamic Environments". Journal of Parallel and Distributed Computing (JPDC) 68(12), December 2008.

Digital Library

[21]

Y. Vigfusson, H. Abu-Libdeh, M. Balakrishnan, K. Birman, Y. Tock, "Dr. Multicast: Rx for Datacenter Communication Scalability", In Proc. of HOTNETS '08 2008.

Cited By

Levitin GXing LXiang Y(2020)Optimal early warning defense of N-version programming service against co-resident attacks in cloud systemReliability Engineering & System Safety10.1016/j.ress.2020.106969201(106969)Online publication date: Sep-2020
https://doi.org/10.1016/j.ress.2020.106969
Levitin GXing LHuang H(2018)Security of Separated Data in Cloud Systems with Competing Attack Detection and Data Theft ProcessesRisk Analysis10.1111/risa.1321939:4(846-858)Online publication date: 12-Oct-2018
https://doi.org/10.1111/risa.13219
Senarathna IWarren MYeoh WSalzman S(2016)A Conceptual Model for Cloud Computing Adoption by SMEs in AustraliaWeb-Based Services10.4018/978-1-4666-9466-8.ch015(307-334)Online publication date: 2016
https://doi.org/10.4018/978-1-4666-9466-8.ch015
Show More Cited By

Index Terms

Defending financial infrastructures through early warning systems: the intelligence cloud approach

Recommendations

Monitoring and early warning for internet worms
CCS '03: Proceedings of the 10th ACM conference on Computer and communications security

After the Code Red incident in 2001 and the SQL Slammer in January 2003, it is clear that a simple self-propagating worm can quickly spread across the Internet, infects most vulnerable computers before people can take effective countermeasures. The fast ...
Defending against internet worms
Detecting and Defending against Worm Attacks Using Bot-honeynet
ISECS '09: Proceedings of the 2009 Second International Symposium on Electronic Commerce and Security - Volume 01

We proposed a worm detection and defense system named bot-honeynet in this paper, which combines the best features of honeynet, anomaly detection and botnet. The combination of honeynet and anomaly detection system offers a tradeoff between false ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

CSIIRW '09: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies

April 2009

952 pages

ISBN:9781605585185

DOI:10.1145/1558607

Copyright © 2009 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 April 2009

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article

Funding Sources

Seventh Framework Programme

Conference

CSIIRW '09

CSIIRW '09: Fifth Cyber Security and Information Intelligence Research Workshop

April 13 - 15, 2009

Tennessee, Oak Ridge, USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

10
Total Citations
View Citations
441
Total Downloads

Downloads (Last 12 months)6
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Levitin GXing LXiang Y(2020)Optimal early warning defense of N-version programming service against co-resident attacks in cloud systemReliability Engineering & System Safety10.1016/j.ress.2020.106969201(106969)Online publication date: Sep-2020
https://doi.org/10.1016/j.ress.2020.106969
Levitin GXing LHuang H(2018)Security of Separated Data in Cloud Systems with Competing Attack Detection and Data Theft ProcessesRisk Analysis10.1111/risa.1321939:4(846-858)Online publication date: 12-Oct-2018
https://doi.org/10.1111/risa.13219
Senarathna IWarren MYeoh WSalzman S(2016)A Conceptual Model for Cloud Computing Adoption by SMEs in AustraliaWeb-Based Services10.4018/978-1-4666-9466-8.ch015(307-334)Online publication date: 2016
https://doi.org/10.4018/978-1-4666-9466-8.ch015
Ferretti LColajanni MMarchetti M(2016)Implementation of Verified Set Operation Protocols Based on Bilinear AccumulatorsCryptology and Network Security10.1007/978-3-319-48965-0_41(626-636)Online publication date: 28-Oct-2016
https://doi.org/10.1007/978-3-319-48965-0_41
Senarathna IWarren MYeoh WSalzman S(2015)A Conceptual Model for Cloud Computing Adoption by SMEs in AustraliaDelivery and Adoption of Cloud Computing Services in Contemporary Organizations10.4018/978-1-4666-8210-8.ch005(100-128)Online publication date: 2015
https://doi.org/10.4018/978-1-4666-8210-8.ch005
Qusa H(2013)Does a Privacy Risk Impose a Real Threat in Collaborative Environments?Proceedings of the 2013 Palestinian International Conference on Information and Communication Technology10.1109/PICICT.2013.21(66-70)Online publication date: 15-Apr-2013
https://dl.acm.org/doi/10.1109/PICICT.2013.21
Qusa HBaldoni RBeraldi R(2012)A Privacy Preserving Scalable Architecture for Collaborative Event CorrelationProceedings of the 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications10.1109/TrustCom.2012.48(837-843)Online publication date: 25-Jun-2012
https://dl.acm.org/doi/10.1109/TrustCom.2012.48
Lamanna DLodi GBaldoni R(2012)How Not to Be Seen in the Cloud: A Progressive Privacy Solution for Desktop-as-a-ServiceOn the Move to Meaningful Internet Systems: OTM 201210.1007/978-3-642-33615-7_4(492-510)Online publication date: 2012
https://doi.org/10.1007/978-3-642-33615-7_4
Elshaafi HMcGibney JMulcahy BBotvich D(2011)Enhancement of Critical Financial Infrastructure Protection Using Trust ManagementSecure and Trust Computing, Data Management, and Applications10.1007/978-3-642-22365-5_19(156-165)Online publication date: 2011
https://doi.org/10.1007/978-3-642-22365-5_19
Baldoni RBonomi SLodi GQuerzoni LEsposito CGokhale ACotroneo DSchmidt D(2010)Data Dissemination supporting collaborative complex event processingProceedings of the First International Workshop on Data Dissemination for Large Scale Complex Critical Infrastructures10.1145/1862821.1862822(3-8)Online publication date: 27-Apr-2010
https://dl.acm.org/doi/10.1145/1862821.1862822

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents