Research on Distributed Intrusion Detection Model Based on Information Fusion

Cited by: 0
Authors
Ping, Du [1]
Wei, Xu [1]
Affiliation
[1] E China Inst Technol, Key Lab Radioact Geol & Explorat Technol Fundamen, Fuzhou City 344000, Jiangxi, Peoples R China
Source
NANOTECHNOLOGY AND COMPUTER ENGINEERING | 2010 / Vol. 121-122
Keywords
intrusion detection; distribution; information fusion; network security;
DOI
10.4028/www.scientific.net/AMR.121-122.528
Chinese Library Classification number
TP301 [Theory, methods];
Discipline classification code
081202;
Abstract
The current state of research on Intrusion Detection Systems (IDS) is analyzed. Because of defects of IDS such as a high positive rate and the inability to effectively detect coordinated attacks that are dispersed in time and space, the ideas of multi-source information fusion are introduced in the paper, and a multi-level IDS reasoning framework and prototype system are presented. The prototype adds an analysis engine to the existing IDS sensor. We used a Bayesian network as a tool for multi-source information fusion, and we used a goal tree to analyze the attempts of coordinated attacks and quantify the security risk of the system. Compared to existing IDS, the prototype is more integrated and more capable of finding coordinated attacks, with a lower false positive rate.
Pages: 528 - 533
Page count: 6