Proceedings of EC2ND'07:
Defending Against Next Generation through Network/Endpoint Collaboration and Interaction
Spiros Antonatos, FORTH-ICS, Greece; Michael E. Locasto, Stelios Sidiroglou, Angelos D. Keromytis, Columbia University, USA; Evangelos Markatos, FORTH-ICS, Greece;

Abstract
The nature of cyberattacks has changed dramatically over the past few years. Encryption, polymorphism, metamorphism of attack vectors and targeted attacks based on hitlists have rendered traditional defense mecha-nisms unable to react on such threats. To overcome the current limitations of detection mechanisms, we argue that large-scale collaboration among end-hosts is a viable solution. In this paper we discuss two host-based ap-proaches: application communities, a collaboration of members who run the same applications with different instrumentation level trying to identify previously unknown attacks, and Honey@home, an architecture that en-ables the gathering of information from distributed unused IP address space.

Download this paper: pdf