Title :
A Clustering Data Fusion Method for Intrusion Detection System
Author :
Fessi, B.A. ; Abdallah, S.B. ; Djemaiel, Y. ; Boudriga, N.
Author_Institution :
Ecole Super. des Commun. (SUP´´COM), Univ. of Carthage, Tunis, Tunisia
fDate :
Aug. 31 2011-Sept. 2 2011
Abstract :
The increasing advance in technological systems has several impacts that affect the security of information systems. The result of such progress leads to an exponential growth in the ability to generate and access to the information. Therefore, there is a need to have both appropriate and specific data. To achieve this goal, data fusion approaches are applied to analyze large scale of heterogeneous data in complex systems. The existing data fusion systems rely generally on human experts but they lack of training dataset for the fusion techniques. Thus, useful autonomous approach should be applied to fuse data automatically and accurately. In this paper, a decision fusion approach based on clustering technique is proposed. This technique enables the generation of composite attack scenarios by selecting events generated by analyzers while considering their efficiency to detect attacks using defined efficiency criteria. The general system architecture is presented to allocate the data fusion component within the network. Then, the core functioning and the characteristics of the data fusion component are presented.
Keywords :
decision making; information systems; pattern clustering; security of data; sensor fusion; clustering data fusion method; complex systems; decision fusion approach; information systems; intrusion detection system; training dataset; Analytical models; Clustering algorithms; Data models; IP networks; Intrusion detection; Servers; Data fusion; analyzer; clustering; decision fusion; intrusion detection;
Conference_Titel :
Computer and Information Technology (CIT), 2011 IEEE 11th International Conference on
Conference_Location :
Pafos
Print_ISBN :
978-1-4577-0383-6
Electronic_ISBN :
978-0-7695-4388-8
DOI :
10.1109/CIT.2011.92
