TY - GEN
T1 - Enhancing trust evaluation using intrusion sensitivity in collaborative intrusion detection Networks
T2 - 9th International Conference on Computational Intelligence and Security, CIS 2013
AU - Li, Wenjuan
AU - Meng, Yuxin
AU - Kwok, Lam For
PY - 2013
Y1 - 2013
N2 - Intrusion detection systems (IDSs) have been widely deployed in computers and networks to identify a variety of attacks. But network intrusions are now becoming more and more sophisticated to detect, thus, collaborative intrusion detection networks (CIDNs) have been proposed which enables an IDS to collect information and learn experience from other IDS nodes. By maintaining interactions among a set of IDS nodes, a CIDN is expected to be more powerful in detecting some complicated attacks such as denial-of-service (DoS) than a single IDS. In real deployment, we identify that each IDS may have different levels of sensitivity in detecting different types of intrusions (i.e., based on their own signatures and settings). In this paper, we therefore define a notion of intrusion sensitivity and investigate the feasibility of using it to evaluate the trustworthiness of an IDS node. In addition, we describe several challenges when using this notion in practice. In the evaluation, the experimental results indicate that the use of intrusion sensitivity is feasible and encouraging to enhance the accuracy of detecting malicious nodes.
AB - Intrusion detection systems (IDSs) have been widely deployed in computers and networks to identify a variety of attacks. But network intrusions are now becoming more and more sophisticated to detect, thus, collaborative intrusion detection networks (CIDNs) have been proposed which enables an IDS to collect information and learn experience from other IDS nodes. By maintaining interactions among a set of IDS nodes, a CIDN is expected to be more powerful in detecting some complicated attacks such as denial-of-service (DoS) than a single IDS. In real deployment, we identify that each IDS may have different levels of sensitivity in detecting different types of intrusions (i.e., based on their own signatures and settings). In this paper, we therefore define a notion of intrusion sensitivity and investigate the feasibility of using it to evaluate the trustworthiness of an IDS node. In addition, we describe several challenges when using this notion in practice. In the evaluation, the experimental results indicate that the use of intrusion sensitivity is feasible and encouraging to enhance the accuracy of detecting malicious nodes.
KW - Collaborative Intrusion Detection Network
KW - Intrusion Detection
KW - Intrusion Sensitivity
KW - Trust Management
UR - http://www.scopus.com/inward/record.url?scp=84900619220&partnerID=8YFLogxK
U2 - 10.1109/CIS.2013.115
DO - 10.1109/CIS.2013.115
M3 - Conference article published in proceeding or book
AN - SCOPUS:84900619220
SN - 9781479925483
T3 - Proceedings - 9th International Conference on Computational Intelligence and Security, CIS 2013
SP - 518
EP - 522
BT - Proceedings - 9th International Conference on Computational Intelligence and Security, CIS 2013
Y2 - 14 December 2013 through 15 December 2013
ER -