Design and management of collaborative intrusion detection networks

Author

Fung, C.J. ; Boutaba, R.

Author_Institution

David R. Cheriton Sch. of Comput. Sci., Univ. of Waterloo, Waterloo, ON, Canada

fYear

2013

fDate

27-31 May 2013

Firstpage

955

Lastpage

961

Abstract

Traditional intrusion detection systems (IDSs) work in isolation and are not effective to detect unknown threats. An intrusion detection network (IDN) is a collaborative IDS network intended to overcome this weakness by allowing IDS peers to share detection knowledge and experience, and hence improve the overall accuracy of intrusion assessment. However, malicious insiders and free riders may compromise the efficiency of IDNs. In this work, we design a collaborative IDN system and particularly focus on four research problems, namely, trust management, collaborative intrusion decision, resource management, and collaborators selection. We evaluate our design in terms of several desired properties such as efficiency, robustness, scalability and incentive-compatibility.

Keywords

computer network management; computer network security; trusted computing; collaborative IDS network; collaborative intrusion detection network design; collaborative intrusion detection network management; collaborator selection; detection knowledge share; intrusion assessment accuracy; resource management; trust management; Bayes methods; Collaboration; Intrusion detection; Peer-to-peer computing; Resource management; Robustness; Vectors; Intrusion detection; collaborative networks; network security and network management;

fLanguage

English

Publisher

ieee

Conference_Titel

Integrated Network Management (IM 2013), 2013 IFIP/IEEE International Symposium on

Conference_Location

Ghent

Print_ISBN

978-1-4673-5229-1

Type

conf

Filename

6573117