A Distributed Sequential Algorithm for Collaborative Intrusion Detection Networks
Quanyan Zhu, Carol Fung, Raouf Boutaba, Tamer Basar
- 23 May 2010
- pp 1-6
TL;DR: A sequential hypothesis testing method for feedback aggregation for each individual IDS in the network is presented, and simulation results corroborate the theoretical results and demonstrate the properties of cost efficiency and accuracy compared to other heuristic methods.
Abstract: Collaborative intrusion detection networks are often used to gain better detection accuracy and cost efficiency as compared to a single host-based intrusion detection system (IDS). Through cooperation, it is possible for a local IDS to detect new attacks that may be known to other experienced acquaintances. In this paper, we present a sequential hypothesis testing method for feedback aggregation for each individual IDS in the network. Our simulation results corroborate our theoretical results and demonstrate the properties of cost efficiency and accuracy compared to other heuristic methods. The analytical result on the lower bound of the average number of acquaintances for consultation is essential for the design and configuration of IDSs in a collaborative environment.
Citations
•Proceedings Article
Design and management of collaborative intrusion detection networks
Carol Fung, Raouf Boutaba
- 27 May 2013
TL;DR: This work designs a collaborative IDN system and particularly focuses on four research problems, namely, trust management, collaborative intrusion decision, resource management, and collaborators selection, and evaluates the design in terms of several desired properties such as efficiency, robustness, scalability and incentive-compatibility.
Effective Statistical Detection of Smart Confidentiality Attacks in Multi-Domain Networks
TL;DR: An anomaly-based approach, namely PCE Anomaly Detector (PAD), is proposed in order to detect malicious utilization of path computation services, and shows good performance in terms of detection capabilities while guaranteeing the trade-off between accuracy and responsiveness, minimizing false alarm occurrences.
•Posted Content
Differentially Private Collaborative Intrusion Detection Systems For VANETs.
Tao Zhang, Quanyan Zhu
TL;DR: A privacy-preserving machine-learning based collaborative IDS (PML-CIDS) for VANETs is proposed that applies the alternating direction method of multipliers (ADMM) to a class of empirical risk minimization (ERM) problems and trains a classifier to detect the intrusions in the VANETs.
DIAMoND: Distributed Intrusion/Anomaly Monitoring for Nonparametric Detection
Maciej Korczynski, Ali Hamieh, Jun Ho Huh, Henrik Holm, S. Raj Rajagopalan, Nina H. Fefferman
- 01 Aug 2015
TL;DR: This paper describes a fully nonparametric, scalable, distributed detection algorithm for intrusion/anomaly detection in networks and discusses how this approach addresses a growing trend in distributed attacks while also providing solutions to problems commonly associated with distributed detection systems.
Towards Collaborative Intrusion Detection Enhancement Against Insider Attacks with Multi-level Trust
Wenjuan Li, Weizhi Meng, Hui Zhu
- 01 Dec 2020
TL;DR: In this article, a generic framework aiming to enhance the security of collaborative intrusion detection systems (CIDSs) against advanced insider threats by deriving multilevel trust is proposed.
References
The value of reputation on eBay: A controlled experiment
TL;DR: The authors conducted the first randomized controlled field experiment of an Internet reputation mechanism and found that the difference in buyers' willingness-to-pay was 8.1% of the selling price between eBay sellers with and without negative feedback.
•Book
Principles of Signal Detection and Parameter Estimation
Bernard C. Levy
- 07 Jul 2008
TL;DR: This book explores both Gaussian detection and detection of Markov chains, presenting a unified treatment of coding and modulation topics, and addresses asymptotics of tests with the theory of large deviations, and robust detection.
A Trust-Aware, P2P-Based Overlay for Intrusion Detection
Claudiu Duma, Martin Karresand, Nahid Shahmehri, Germano Caronni
- 04 Sep 2006
TL;DR: A P2P-based overlay for intrusion detection (overlay IDS) that addresses the insider threat by means of a trust-aware engine for correlating alerts and an adaptive scheme for managing trust is proposed.
Trust Management for Host-Based Collaborative Intrusion Detection
Carol Fung, Olga Baysal, Jie Zhang, Issam Aib, Raouf Boutaba
- 22 Sep 2008
TL;DR: A trust model that allows each IDS to evaluate the trustworthiness of others based on personal experience is defined, which improves the robustness of the collaborative system against malicious attacks.
Collaborative Internet worm containment
Min Cai, Kai Hwang, Yu-Kwong Kwok, Shanshan Song, Yu Chen
- 01 May 2005
TL;DR: This research presents a probabilistic procedure that can be used to estimate the probability of a large-scale worm outbreak from a single distributed denial-of-service (DDoS) attack, and the procedure can be modified for smaller outbreaks.