Bayesian Decision Aggregation in Collaborative Intrusion Detection Networks

Date Added: Sep 2009
Format: PDF

Cooperation between Intrusion Detection Systems (IDSs) allows collective information and experience from a network of IDSs to be shared to improve the accuracy of detection. A critical component of a collaborative network is the mechanism of feedback aggregation in which each IDS makes an overall security evaluation based on peers opinion and assessment. In this paper, the authors propose a Collaboration framework for Intrusion Detection Networks (CIDNs) and use a Bayesian approach for feedback aggregation by minimizing cost. The proposed model is highly scalable, robust, and cost effective. Experimental results demonstrate an improvement in the true positive detection rate and a reduction in the average cost of their mechanism compared to existing models.