Collaborative Defence for Distributed Attacks (Case Study of Palestinian Information Systems)

Abstract

In this paper, we develop a comprehensive approachfor protecting national Palestinian information systems. We do not restrict our attention to protecting each individual organization, but rather focus on the entire ecosystem as a whole. Therefore, thedeveloped system will be opened for participation for all Palestinian governmental and non -governmental organizations who are interested in improving their security and protection against current threats and security attacks targeting Palestinian information systems. The results will help in raising the aware ness about information security for participating organization. The new technological trends, the need to provide a compet itive services, and the overlap in the businesses in several fields have brought about a shift from the internal organization's infrastructure to engagement in a truly global ecosystem characterized by many cross domain interactions and heterogeneous systems and data. Therefore, the dependency of several governmental and non-governmental organizations on cyber-infrastructure of critical infrastructures encounters an increasing demands and undergoes a profound technological and usage changes. However, the sophistication of cyber attacks has increased over time and tools and techniques of attacks are easy and widely spread. This comes to fact that the technical knowledge required to exploit existing vulnerabilities is decreasing. For example, organizations t hat suffer from Distributed Denial of Service (DDoS) attack, know that they have been attacked, but they cannot easily distinguish the group of IP addresses that commit this attack alone , which create a big challenge for organizations to defend themselves. The perpetrators of these attacks, whether motivated by the prospect of financial gain or because they see such an attacks as means of garnering publicity or otherwise pursuing a political cause, benefit from sharing technology and other information among themselves. Therefore, protecting these infrastructures in the face of faults and malicious attacks is crucial to ensure stability, availability, and continuity of the key electronic services and individual businesses worldwide.