Security

Effective Acquaintance Management for Collaborative Intrusion Detection Networks

Download Now Free registration required

Executive Summary

An effective Collaborative Intrusion Detection Network (CIDN) allows distributed Intrusion Detection Systems (IDSes) to collaborate and share their knowledge and opinions about intrusions, to enhance the overall accuracy of intrusion assessment as well as the ability of detecting new classes of intrusions. Towards this goal, the authors propose a distributed Host-based IDS (HIDS) collaboration system, particularly focusing on acquaintance management where each HIDS selects and maintains a list of collaborators from which they can consult about intrusions. More specifically, each HIDS evaluates both the False Positive (FP) rate and False Negative (FN) rate of its neighboring HIDSes' opinions about intrusions using Bayesian learning, and aggregates their opinions about intrusions using a Bayesian decision model.

  • Format: PDF
  • Size: 382.27 KB