DocumentCode :
477034
Title :
Modified evidence theory for performance enhancement of Intrusion Detection Systems
Author :
Thomas, Ciza ; Balakrishnan, N.
Author_Institution :
SERC, Indian Inst. of Sci., Bangalore
fYear :
2008
fDate :
June 30 2008-July 3 2008
Firstpage :
1
Lastpage :
8
Abstract :
Sensor fusion using heterogeneous intrusion detection systems are employed to aggregate different views of the same event in order to improve the detection through detector reinforcement or complementarity. The fusion technique proposed in this paper is expected to combine the intrusion detection system outputs with subjective judgements. In this paper, a new evidence model which is an extension and improvement of the classical Dempster-Shafer theory is proposed. The feasibility of this method is demonstrated via an analysis case study with several simulated detectors using the replayed DARPA data set. The experimental results are validated and a discussion on why and how the new model is useful is provided. The result shows an improvement in the probability of detection along with a reduction in the false alarm rate with the proposed fusion algorithm.
Keywords :
inference mechanisms; security of data; sensor fusion; DARPA data set; Dempster-Shafer theory; evidence theory; fusion algorithm; intrusion detection systems; performance enhancement; subjective judgements; Dempster-Shafer (DS) method; Intrusion Detection Systems(IDS); Sensor Fusion; belief; conjunctive operator; context-dependent operator; dipolarity; disjunctive operator; idempotence; ignorance; plausibility; quasi-associativity; uncertainty;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Information Fusion, 2008 11th International Conference on
Conference_Location :
Cologne
Print_ISBN :
978-3-8007-3092-6
Electronic_ISBN :
978-3-00-024883-2
Type :
conf
Filename :
4632423
Link To Document :
بازگشت