Evaluating Intrusion Sensitivity Allocation with Support Vector Machine for Collaborative Intrusion Detection

Wenjuan Li, Weizhi Meng, Lam For Kwok

Research output: Chapter in book / Conference proceeding; Conference article published in proceeding or book; Academic research; peer-review

2 Citations (Scopus)

Abstract

The aim of collaborative intrusion detection networks (CIDNs) is to provide better detection performance over a single IDS, through allowing IDS nodes to exchange data or information with each other. Nevertheless, CIDNs may be vulnerable to insider attacks, and there is a great need for deploying appropriate trust management schemes to protect CIDNs in practice. In this work, we advocate the effectiveness of intrusion sensitivity-based trust management model and describe an engineering way to automatically allocate the sensitivity values by using a support vector machine (SVM) classifier. To explore the allocation performance, we compare our classifier with several traditional supervised algorithms in the evaluation. We further investigate the performance of our enhanced trust management scheme in a real network environment under adversarial scenarios, and the experimental results indicate that our approach can be more effective in detecting insider attacks as compared with similar approaches.

Original language: English
Title of host publication: Information Security Practice and Experience - 15th International Conference, ISPEC 2019, Proceedings
Editors: Swee-Huay Heng, Javier Lopez
Publisher: Springer
Pages: 453-463
Number of pages: 11
ISBN (Print): 9783030343385
Publication status: Published - 2019
Externally published: Yes
Event: 15th International Conference on Information Security Practice and Experience, ISPEC 2019 - Kuala Lumpur, Malaysia
Duration: 26 Nov 2019 to 28 Nov 2019

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 11879 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 15th International Conference on Information Security Practice and Experience, ISPEC 2019
Country/Territory: Malaysia
City: Kuala Lumpur
Period: 26/11/19 to 28/11/19

Keywords

  • Collaborative intrusion detection
  • Insider threat
  • Intrusion sensitivity
  • Supervised learning
  • Trust management

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science (all)
