Information sharing for distributed intrusion detection systems

Cited by: 22
Authors
Peng, Tao [1]
Leckie, Christopher [1]
Ramamohanarao, Kotagiri [1]
Affiliation
[1] Univ Melbourne, Dept Comp Sci & Software Engn, ARC Special Res Ctr Ultra Broadband Informat Netw, Melbourne, Vic 3010, Australia
Funding
Australian Research Council;
Keywords
distributed intrusion detection; denial of service attack; reflector attack; information sharing; anomaly detection;
DOI
10.1016/j.jnca.2005.07.004
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract
In this paper, we present an information sharing model for distributed intrusion detection systems. The typical challenges faced by distributed intrusion detection systems are what information to share and how to share information. We address these problems by using the Cumulative Sum algorithm to collect statistics at each local system, and use a machine learning approach to coordinate the information sharing among the distributed detection systems. Our major contributions are two-fold. First, we propose a simple but robust scheme to monitor changes in the local statistics. Second, we present a learning algorithm to decide when to share information so that both the communication overhead among the distributed detection systems and the detection delay are minimized. We demonstrate the application of our information sharing model to a specific distributed intrusion detection scenario. We show that our approach is able to optimize the trade-off between the time required to detect an attack and the volume of communication between the distributed intrusion detection systems. (C) 2005 Published by Elsevier Ltd.
Pages: 877 - 899
Number of pages: 23
Related papers
50 in total
  • [21] Research on Distributed Intrusion Detection Model Based on Information Fusion
    Ping, Du
    Wei, Xu
    NANOTECHNOLOGY AND COMPUTER ENGINEERING, 2010, 121-122 : 528 - 533
  • [22] The impact of privacy and data protection legislation on the sharing of intrusion detection information
    Johnston, Steven R.
    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2015, 2212 : 150 - 171
  • [23] A New Vision for Intrusion Detection System in Information Systems
    Lounis, Ouarda
    Malika, Bourenane
    2015 SCIENCE AND INFORMATION CONFERENCE (SAI), 2015, : 1352 - 1356
  • [24] Analysis of distributed intrusion detection systems using Bayesian methods
    Burroughs, DJ
    Wilson, LF
    Cybenko, GV
    CONFERENCE PROCEEDINGS OF THE 2002 IEEE INTERNATIONAL PERFORMANCE, COMPUTING, AND COMMUNICATIONS CONFERENCE, 2002, : 329 - 334
  • [25] A Multi-agent Approach for Intrusion Detection in Distributed Systems
    Forestiero, Agostino
    MULTIMEDIA COMMUNICATIONS, SERVICES AND SECURITY, MCSS 2015, 2015, 566 : 72 - 82
  • [26] Ensemble based collaborative and distributed intrusion detection systems: A survey
    Folino, Gianluigi
    Sabatino, Pietro
    JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2016, 66 : 1 - 16
  • [27] Dynamic Distributed Intrusion Detection for Secure Multi Robot Systems
    Fagiolini, Adrian
    Babboni, Francesco
    Bicchi, Antonio
    ICRA: 2009 IEEE INTERNATIONAL CONFERENCE ON ROBOTICS AND AUTOMATION, VOLS 1-7, 2009, : 2705 - 2710
  • [28] Intrusion detection in distributed systems, an approach based on taint marking
    Hauser, Christophe
    Tronel, Frederic
    Fidge, Colin
    Me, Ludovic
    2013 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS (ICC), 2013,
  • [29] Distributed Architecture of an Intrusion Detection System in Industrial Control Systems
    Abid, Ahlem
    Jemili, Farah
    Korbaa, Ouajdi
    ADVANCES IN COMPUTATIONAL COLLECTIVE INTELLIGENCE, ICCCI 2022, 2022, 1653 : 472 - 484
  • [30] Distributed signal detection with information sharing among local sensors
    Liu, Xiangyang
    Min, Gang
    Cheng, Xiaoying
    Wu, Guangen
    2019 4TH INTERNATIONAL CONFERENCE ON MECHANICAL, CONTROL AND COMPUTER ENGINEERING (ICMCCE 2019), 2019, : 524 - 528