Abstract | ||
---|---|---|
We present a mechanism for autonomous self-adaptation of a network-based intrusion detection system (IDS). The system is composed of a set of cooperating agents, each of which is based on an existing network behavior analysis method. The self adaptation mechanism is based on the insertion of a small number of challenges, i.e. known instances of past legitimate or malicious behavior. The response of individual system components to these challenges is used to measure and eventually optimize the system performance in terms of accuracy. In this work we show how to choose the challenges in a way such that the IDS attaches more importance to the detection of attacks that cause much damage. |
Year | DOI | Venue |
---|---|---|
2009 | 10.1145/1555228.1555248 | ICAC |
Keywords | Field | DocType |
malicious behavior,self adaptation mechanism,existing network behavior analysis,autonomous self-adaptation,system performance,network-based intrusion detection system,threat-model-driven runtime adaptation,small number,individual system component,security management,intrusion detection system,behavior analysis,intrusion detection | Host-based intrusion detection system,Computer science,Computer security,Threat model,Intrusion prevention system,Anomaly-based intrusion detection system,Self adaptation,Intrusion detection system,Network behavior,Distributed computing | Conference |
Citations | PageRank | References |
2 | 0.36 | 4 |
Authors | ||
8 |
Name | Order | Citations | PageRank |
---|---|---|---|
Martin Rehak | 1 | 251 | 28.57 |
Eugen Staab | 2 | 63 | 6.75 |
Volker Fusenig | 3 | 52 | 7.45 |
Jan Stiborek | 4 | 114 | 8.57 |
Martin Grill | 5 | 101 | 10.79 |
Karel Bartos | 6 | 110 | 12.60 |
Michal Pěchouček | 7 | 1134 | 133.88 |
Thomas Engel | 8 | 538 | 59.08 |