Title :
Modified evidence theory for performance enhancement of Intrusion Detection Systems
Author :
Thomas, Ciza ; Balakrishnan, N.
Author_Institution :
SERC, Indian Inst. of Sci., Bangalore
fDate :
June 30 2008-July 3 2008
Abstract :
Sensor fusion using heterogeneous intrusion detection systems are employed to aggregate different views of the same event in order to improve the detection through detector reinforcement or complementarity. The fusion technique proposed in this paper is expected to combine the intrusion detection system outputs with subjective judgements. In this paper, a new evidence model which is an extension and improvement of the classical Dempster-Shafer theory is proposed. The feasibility of this method is demonstrated via an analysis case study with several simulated detectors using the replayed DARPA data set. The experimental results are validated and a discussion on why and how the new model is useful is provided. The result shows an improvement in the probability of detection along with a reduction in the false alarm rate with the proposed fusion algorithm.
Keywords :
inference mechanisms; security of data; sensor fusion; DARPA data set; Dempster-Shafer theory; evidence theory; fusion algorithm; intrusion detection systems; performance enhancement; subjective judgements; Dempster-Shafer (DS) method; Intrusion Detection Systems(IDS); Sensor Fusion; belief; conjunctive operator; context-dependent operator; dipolarity; disjunctive operator; idempotence; ignorance; plausibility; quasi-associativity; uncertainty;
Conference_Titel :
Information Fusion, 2008 11th International Conference on
Conference_Location :
Cologne
Print_ISBN :
978-3-8007-3092-6
Electronic_ISBN :
978-3-00-024883-2