2015
DOI: 10.1016/j.comnet.2015.01.012
|View full text |Cite
|
Sign up to set email alerts
|

Abstract: Intrusion Detection Networks (IDN) are distributed cyberdefense systems composed of different nodes performing local detection and filtering functions, as well as sharing information with other nodes in the IDN. The security and resilience of such cyberdefense systems are paramount, since an attacker will try to evade them or render them unusable before attacking the end systems. In this paper, we introduce a system model for IDN nodes in terms of their logical components, functions, and communication channels… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
5
0

Year Published

2015
2015
2022
2022

Publication Types

Select...
4
3

Relationship

0
7

Authors

Journals

citations
Cited by 9 publications
(5 citation statements)
references
References 36 publications
(49 reference statements)
0
5
0
Order By: Relevance
“…Intrusion assessments from nodes with different trust values are assigned with different weights to improve intrusion detection accuracy. DEFIDNET [23] discussed comprehensive adversary model for CIDN. for example, a malicious node in CIDN can block, fabricate, and modify messages exchanged in the CIDN.…”
Section: Related Workmentioning
confidence: 99%
“…Intrusion assessments from nodes with different trust values are assigned with different weights to improve intrusion detection accuracy. DEFIDNET [23] discussed comprehensive adversary model for CIDN. for example, a malicious node in CIDN can block, fabricate, and modify messages exchanged in the CIDN.…”
Section: Related Workmentioning
confidence: 99%
“…An IDS monitors activity and seeks to identify evidence of ongoing attacks, intrusion attempts, or violations of the security policies. IDSs have evolved since the first model proposed in the late 1980s [11].…”
Section: Intrusion Detection Systemsmentioning
confidence: 99%
“…Each has a distinct approach for monitoring, securing data and systems. A Host Intrusion Detection System (HIDS) is a software agent that can be installed in a particular computer in order to monitor and analyze events on that particular host to detect any suspicious behavior [11]. It is reasonably easy for a host IDS to spot when an application crashes, when it tries to open a suspicious file, or it attempts to open a connection through the network.…”
Section: Figure 1: Common Intrusion Detection Framework Modelmentioning
confidence: 99%
“…The deployment phase of the IDSs can follow a number of well-known schemes, such as centralized, fully decentralized, or partially-decentralized [18]. We adapt here the partiallydecentralized system architecture proposed in [11], including the properties of Section III-A to assess alert satisfaction.…”
Section: B Collaborative Intrusion Detection Networkmentioning
confidence: 99%