Agent-Based Distributed Intrusion Alert System

Ghosh, Adarsh; Sen, Sandip

doi:10.1007/978-3-540-30536-1_28

Cited by 28 publications

(20 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This sampling effort can be distributed arbitrarily over the links in the network. Here, we assume a distributed agent based IDS [15] and not a central one to avoid single point of failure. The IDS samples the packets on each link via the agents while not exceeding the sampling budget, B s .…”

Section: Game Objectives and Constraintsmentioning

confidence: 99%

Game theoretic models for detecting network intrusions

Otrok

Mehrandish

Assi

et al. 2008

Computer Communications

View full text Add to dashboard Cite

Section: Game Objectives and Constraintsmentioning

confidence: 99%

Game theoretic models for detecting network intrusions

Otrok

Mehrandish

Assi

et al. 2008

Computer Communications

View full text Add to dashboard Cite

“…ABDIAS [13] is a community based collaborative IDN where IDSes are organized into groups and exchange intrusion information to gain better intrusion detection accuracy. A simple majority-based voting system was proposed to detect compromised nodes.…”

Section: Related Workmentioning

confidence: 99%

Trust Management and Admission Control for Host-Based Collaborative Intrusion Detection

et al. 2010

View full text Add to dashboard Cite

The accuracy of detecting an intrusion within a network of intrusion detection systems (IDSes) depends on the efficiency of collaboration between member IDSes. The security itself within this network is an additional concern that needs to be addressed. In this paper, we present a trust-based framework for secure and effective collaboration within an intrusion detection network (IDN). In particular, we design a trust model that allows each IDS to evaluate the trustworthiness of other IDSes based on its personal experience. We also propose an admission control algorithm for the IDS to manage the acquaintances it approaches for advice about intrusions. We discuss the effectiveness of our approach in protecting the IDN against common attacks. Additionally, experimental results demonstrate that our system yields significant improvement in detecting intrusions. The trust model further improves the robustness of the collaborative system against malicious attacks. The experimental results also support that our admission control algorithm is effective and fair, and creates incentives for collaboration.

show abstract

“…Several CIDNs [16], [2], [7] have been proposed in the past few years. In most CIDNs, especially worm detection CIDNs (such as Dshield [14] and NetShield [2]), IDSs are…”

Section: Introductionmentioning

confidence: 99%

Bayesian decision aggregation in collaborative intrusion detection networks

Fung

Zhu

Boutaba

et al. 2010

2010 IEEE Network Operations and Management Symposium - NOMS 2010

View full text Add to dashboard Cite

Cooperation between intrusion detection systems (IDSs) allow collective information and experience from a network of IDSs to be shared for improving the accuracy of detection. A critical component of a collaborative network is the mechanism of feedback aggregation in which each IDS makes an overall security evaluation based on peer opinions and assessments. In this paper, we propose a collaboration framework for intrusion detection networks (CIDNs) and use a Bayesian approach for feedback aggregation by minimizing the combined costs of missed detection and false alarm. The proposed model is highly scalable, robust, and cost effective. Experimental results demonstrate an improvement in the true positive detection rate and a reduction in the average cost of our mechanism compared to existing models.

show abstract

Agent-Based Distributed Intrusion Alert System

Cited by 28 publications

References 11 publications

Game theoretic models for detecting network intrusions

Game theoretic models for detecting network intrusions

Trust Management and Admission Control for Host-Based Collaborative Intrusion Detection

Bayesian decision aggregation in collaborative intrusion detection networks

Contact Info

Product

Resources

About