Information sharing for distributed intrusion detection systems

Cited by: 22
Authors
Peng, Tao [1]
Leckie, Christopher [1]
Ramamohanarao, Kotagiri [1]
Affiliation
[1] Univ Melbourne, Dept Comp Sci & Software Engn, ARC Special Res Ctr Ultra Broadband Informat Netw, Melbourne, Vic 3010, Australia
Funding
Australian Research Council
Keywords
distributed intrusion detection; denial of service attack; reflector attack; information sharing; anomaly detection;
DOI
10.1016/j.jnca.2005.07.004
Chinese Library Classification number
TP3 [Computing technology, computer technology]
Discipline classification code
0812
Abstract
In this paper, we present an information sharing model for distributed intrusion detection systems. The typical challenges faced by distributed intrusion detection systems are what information to share and how to share it. We address these problems by using the Cumulative Sum algorithm to collect statistics at each local system, and by using a machine learning approach to coordinate the information sharing among the distributed detection systems. Our major contributions are two-fold. First, we propose a simple but robust scheme to monitor changes in the local statistics. Second, we present a learning algorithm to decide when to share information so that both the communication overhead among the distributed detection systems and the detection delay are minimized. We demonstrate the application of our information sharing model to a specific distributed intrusion detection scenario. We show that our approach is able to optimize the trade-off between the time required to detect an attack and the volume of communication between the distributed intrusion detection systems. (C) 2005 Published by Elsevier Ltd.
Pages: 877-899
Number of pages: 23