survey

Collaborative Security: A Survey and Taxonomy

Published: 22 July 2015

Abstract

Security is oftentimes centrally managed. An alternative trend of using collaboration in order to improve security has gained momentum over the past few years. Collaborative security is an abstract concept that applies to a wide variety of systems and has been used to solve security issues inherent in distributed environments. Thus far, collaboration has been used in many domains such as intrusion detection, spam filtering, botnet resistance, and vulnerability detection. In this survey, we focus on different mechanisms of collaboration and defense in collaborative security. We systematically investigate numerous use cases of collaborative security by covering six types of security systems. Aspects of these systems are thoroughly studied, including their technologies, standards, frameworks, strengths and weaknesses. We then present a comprehensive study with respect to their analysis target, timeliness of analysis, architecture, network infrastructure, initiative, shared information and interoperability. We highlight five important topics in collaborative security, and identify challenges and possible directions for future research. Our work contributes the following to the existing research on collaborative security with the goal of helping to make collaborative security systems more resilient and efficient. This study (1) clarifies the scope of collaborative security, (2) identifies the essential components of collaborative security, (3) analyzes the multiple mechanisms of collaborative security, and (4) identifies challenges in the design of collaborative security.

    • Published in

      ACM Computing Surveys  Volume 48, Issue 1
      September 2015
      592 pages
      ISSN:0360-0300
      EISSN:1557-7341
      DOI:10.1145/2808687
      • Editor: Sartaj Sahni

      Copyright © 2015 ACM

      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      • Published: 22 July 2015
      • Accepted: 1 April 2015
      • Revised: 1 December 2014
      • Received: 1 December 2013

      Qualifiers

      • survey
      • Research
      • Refereed
