Paper Info
Title
Self-organized collaboration of distributed IDS sensors
Abstract
We present a distributed self-organized model for collaboration of multiple heterogeneous IDS sensors. The distributed model is based on a game-theoretical approach that optimizes behavior of each IDS sensor with respect to other sensors in highly dynamic environments. We propose a general formalization of the problem of distributed collaboration as a game between defenders and attackers and introduce ε-FIRE, a solution concept suitable for solving this game in highly dynamic environments. Our experimental evaluation of the proposed collaboration model on real network traffic clearly shows improvements in the detection capabilities of all IDS sensors, allowing each system to specialize on particular network activities while not reducing the overall effectiveness. The concept of opponent aware, self-coordinating and strategically reasoning Network Intrusion Detection Networks allows effective collaboration of individual system defenders that may match a market-based collaboration structures of the attackers.
Year
DOI
Venue
2012
10.1007/978-3-642-37300-8_13
DIMVA
Keywords
Field
DocType
real network traffic,self-organized collaboration,individual system defender,effective collaboration,multiple heterogeneous ids sensor,proposed collaboration model,dynamic environment,particular network activity,ids sensor,market-based collaboration structure,self-organized model
Network intrusion detection,Distributed element model,Computer science,Computer security,Distributed collaboration,Adversary,Solution concept,Nash equilibrium,Intrusion detection system,Distributed computing
Conference
Citations 
PageRank 
References 
0
0.34
6
Authors
3
Name
Order
Citations
PageRank
Karel Bartos111012.60
Martin Rehak225128.57
Michal Svoboda300.34