Title
Trust-based Solution for Robust Self-configuration of Distributed Intrusion Detection Systems.
Abstract
Protection of network infrastructures against highly sophisticated network attacks requires an intelligent, robust, and adaptive detection system. We present a distributed model for collaboration of multiple heterogeneous intrusion detection sensors. The proposed model assumes that each network can be monitored with multiple detection sensors deployed in various locations. The model optimizes the behavior of each sensor with respect to other sensors in highly dynamic network environments by using a game-theoretical approach. We propose a general formalization of the problem of distributed collaboration as a game between defenders and attackers and introduce a trust-based solution concept, epsilon-FIRE, that is suitable for solving this game in highly dynamic environments, preventing any poisoning or manipulation of the cooperative system by intelligent attackers. According to our experimental evaluation on real network traffic, the proposed model of distributed collaboration shows clear improvements in the overall detection capabilities of the system, caused by mutual specialization of individual detection sensors. The concept of an opponent-aware, self-coordinating and strategically reasoning Intrusion Detection Network represents an effective next-generation solution that may match the market-based collaboration structures of the attackers.
Year
2012
DOI
10.3233/978-1-61499-098-7-121
Venue
FRONTIERS IN ARTIFICIAL INTELLIGENCE AND APPLICATIONS
Field
Dynamic network analysis, Distributed element model, Computer science, Intrusion prevention system, Distributed intrusion detection, Adversary, Distributed collaboration, Solution concept, Intrusion detection system, Distributed computing
DocType
Conference
Volume
242
ISSN
0922-6389
Citations
2
PageRank
0.38
References
3
Authors
2
Name, Order, Citations, PageRank
Karel Bartos, 1, 110, 12.60
Martin Rehak, 2, 251, 28.57