RepCIDN: A Reputation-based Collaborative Intrusion Detection Network to Lessen the Impact of Malicious Alarms

Cited by: 0
Authors
Manuel Gil Pérez
Félix Gómez Mármol
Gregorio Martínez Pérez
Antonio F. Skarmeta Gómez
Affiliations
[1] University of Murcia, Departamento de Ingeniería de la Información y las Comunicaciones
[2] NEC Europe Ltd.
Source
Journal of Network and Systems Management | 2013 / Vol. 21
Keywords
Security; Trust management; Reputation systems; Intrusion detection systems; Collaboration networks; Group reputation;
DOI
Not available
Abstract
Distributed and coordinated attacks in computer networks are causing considerable economic losses worldwide in recent years. This is mainly due to the transition of attackers’ operational patterns towards a more sophisticated and more global behavior. This fact is leading current intrusion detection systems to be more likely to generate false alarms. In this context, this paper describes the design of a collaborative intrusion detection network (CIDN) that is capable of building and sharing collective knowledge about isolated alarms in order to efficiently and accurately detect distributed attacks. It has been also strengthened with a reputation mechanism aimed to improve the detection coverage by dropping false or bogus alarms that arise from malicious or misbehaving nodes. This model will enable a CIDN to detect malicious behaviors according to the trustworthiness of the alarm issuers, calculated from previous interactions with the system. Experimental results will finally demonstrate how entities are gradually isolated as their behavior worsens throughout the time.
Pages: 128 / 167
Number of pages: 39