INTCTD: A Peer-to-Peer Approach for Intrusion Detection
Source: University of Chicago
This paper proposes a Peer-to-Peer (P2P) prototype (INTCTD) for intrusion detection over an overlay network. INTCTD is a distributed system based on neural networks that detects network traffic anomalies and dynamically modifies the network resource access policies. The participating nodes employ automated learning and online knowledge sharing, while each individual node performs the distillation of the network traffic. This local analysis of the network traffic makes it possible to use simple automated learners at each node and to reduce the amount of information exchanged among the peers.