Information sharing for distributed intrusion detection systems

Cited by: 22
Authors
Peng, Tao [1]
Leckie, Christopher [1]
Ramamohanarao, Kotagiri [1]
Affiliations
[1] Univ Melbourne, Dept Comp Sci & Software Engn, ARC Special Res Ctr Ultra Broadband Informat Netw, Melbourne, Vic 3010, Australia
Funding
Australian Research Council;
Keywords
distributed intrusion detection; denial of service attack; reflector attack; information sharing; anomaly detection;
DOI
10.1016/j.jnca.2005.07.004
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract
In this paper, we present an information sharing model for distributed intrusion detection systems. The typical challenges faced by distributed intrusion detection systems are what information to share and how to share information. We address these problems by using the Cumulative Sum algorithm to collect statistics at each local system, and use a machine learning approach to coordinate the information sharing among the distributed detection systems. Our major contributions are two-fold. First, we propose a simple but robust scheme to monitor changes in the local statistics. Second, we present a learning algorithm to decide when to share information so that both the communication overhead among the distributed detection systems and the detection delay are minimized. We demonstrate the application of our information sharing model to a specific distributed intrusion detection scenario. We show that our approach is able to optimize the trade-off between the time required to detect an attack and the volume of communication between the distributed intrusion detection systems. (C) 2005 Published by Elsevier Ltd.
Pages: 877 / 899
Number of pages: 23