Self-Organized Mechanism for Distributed Setup of Multiple Heterogeneous Intrusion Detection Systems

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F13%3A00195219" target="_blank" >RIV/68407700:21230/13:00195219 - isvavai.cz</a>

Výsledek na webu

<a href="http://dx.doi.org/10.1109/SASOW.2012.15" target="_blank" >http://dx.doi.org/10.1109/SASOW.2012.15</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1109/SASOW.2012.15" target="_blank" >10.1109/SASOW.2012.15</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Self-Organized Mechanism for Distributed Setup of Multiple Heterogeneous Intrusion Detection Systems

Popis výsledku v původním jazyce

We propose a distributed and self-organized framework for collaboration of multiple heterogeneous IDS sensors. The framework is based on a game-theoretical approach that optimizes behavior of each IDS sensor with respect to other sensors in highly dynamic environments. We formalize the proposed collaborative architecture as a game between defenders and attackers and transform the hard problem of heterogeneous collaboration into an easier problem of finding two functions that are used in the game-theoretical model to specialize the detection mechanisms on a specific type of malicious activity. The collaboration of such more specialized IDS nodes covers much wider range of attack classes, allowing the collaborating system to maximize the overall networksecurity awareness. We have evaluated the proposed concept on real networks, where we have shown considerable improvements in the detection capabilities of intrusion detection devices thanks to the proposed collaboration model.

Název v anglickém jazyce

Self-Organized Mechanism for Distributed Setup of Multiple Heterogeneous Intrusion Detection Systems

Popis výsledku anglicky

We propose a distributed and self-organized framework for collaboration of multiple heterogeneous IDS sensors. The framework is based on a game-theoretical approach that optimizes behavior of each IDS sensor with respect to other sensors in highly dynamic environments. We formalize the proposed collaborative architecture as a game between defenders and attackers and transform the hard problem of heterogeneous collaboration into an easier problem of finding two functions that are used in the game-theoretical model to specialize the detection mechanisms on a specific type of malicious activity. The collaboration of such more specialized IDS nodes covers much wider range of attack classes, allowing the collaborating system to maximize the overall networksecurity awareness. We have evaluated the proposed concept on real networks, where we have shown considerable improvements in the detection capabilities of intrusion detection devices thanks to the proposed collaboration model.

Druh

D - Stať ve sborníku

CEP obor

JC - Počítačový hardware a software

OECD FORD obor

—

Projekt

Výsledek vznikl pri realizaci vícero projektů. Více informací v záložce Projekty.

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2013

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Adaptive Host and Network Security

ISBN

978-0-7695-4895-1

ISSN

—

e-ISSN

—

Počet stran výsledku

8

Strana od-do

31-38

Název nakladatele

Dynamic Object Language Labs

Místo vydání

Lyon

Místo konání akce

Lyon

Datum konání akce

14. 9. 2012

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—