{"title":"协同入侵检测网络中利用入侵敏感性增强信任评估:可行性与挑战","authors":"Wenjuan Li, Yuxin Meng, Lam-for Kwok","doi":"10.1109/CIS.2013.115","DOIUrl":null,"url":null,"abstract":"Intrusion detection systems (IDSs) have been widely deployed in computers and networks to identify a variety of attacks. But network intrusions are now becoming more and more sophisticated to detect, thus, collaborative intrusion detection networks (CIDNs) have been proposed which enables an IDS to collect information and learn experience from other IDS nodes. By maintaining interactions among a set of IDS nodes, a CIDN is expected to be more powerful in detecting some complicated attacks such as denial-of-service (DoS) than a single IDS. In real deployment, we identify that each IDS may have different levels of sensitivity in detecting different types of intrusions (i.e., based on their own signatures and settings). In this paper, we therefore define a notion of intrusion sensitivity and investigate the feasibility of using it to evaluate the trustworthiness of an IDS node. In addition, we describe several challenges when using this notion in practice. In the evaluation, the experimental results indicate that the use of intrusion sensitivity is feasible and encouraging to enhance the accuracy of detecting malicious nodes.","PeriodicalId":294223,"journal":{"name":"2013 Ninth International Conference on Computational Intelligence and Security","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"52","resultStr":"{\"title\":\"Enhancing Trust Evaluation Using Intrusion Sensitivity in Collaborative Intrusion Detection Networks: Feasibility and Challenges\",\"authors\":\"Wenjuan Li, Yuxin Meng, Lam-for Kwok\",\"doi\":\"10.1109/CIS.2013.115\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Intrusion detection systems (IDSs) have been widely deployed in computers and networks to identify a variety of attacks. But network intrusions are now becoming more and more sophisticated to detect, thus, collaborative intrusion detection networks (CIDNs) have been proposed which enables an IDS to collect information and learn experience from other IDS nodes. By maintaining interactions among a set of IDS nodes, a CIDN is expected to be more powerful in detecting some complicated attacks such as denial-of-service (DoS) than a single IDS. In real deployment, we identify that each IDS may have different levels of sensitivity in detecting different types of intrusions (i.e., based on their own signatures and settings). In this paper, we therefore define a notion of intrusion sensitivity and investigate the feasibility of using it to evaluate the trustworthiness of an IDS node. In addition, we describe several challenges when using this notion in practice. In the evaluation, the experimental results indicate that the use of intrusion sensitivity is feasible and encouraging to enhance the accuracy of detecting malicious nodes.\",\"PeriodicalId\":294223,\"journal\":{\"name\":\"2013 Ninth International Conference on Computational Intelligence and Security\",\"volume\":\"6 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-12-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"52\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 Ninth International Conference on Computational Intelligence and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CIS.2013.115\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 Ninth International Conference on Computational Intelligence and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CIS.2013.115","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Enhancing Trust Evaluation Using Intrusion Sensitivity in Collaborative Intrusion Detection Networks: Feasibility and Challenges
Intrusion detection systems (IDSs) have been widely deployed in computers and networks to identify a variety of attacks. But network intrusions are now becoming more and more sophisticated to detect, thus, collaborative intrusion detection networks (CIDNs) have been proposed which enables an IDS to collect information and learn experience from other IDS nodes. By maintaining interactions among a set of IDS nodes, a CIDN is expected to be more powerful in detecting some complicated attacks such as denial-of-service (DoS) than a single IDS. In real deployment, we identify that each IDS may have different levels of sensitivity in detecting different types of intrusions (i.e., based on their own signatures and settings). In this paper, we therefore define a notion of intrusion sensitivity and investigate the feasibility of using it to evaluate the trustworthiness of an IDS node. In addition, we describe several challenges when using this notion in practice. In the evaluation, the experimental results indicate that the use of intrusion sensitivity is feasible and encouraging to enhance the accuracy of detecting malicious nodes.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
