DocumentCode :
1956812
Title :
Self-Organized Mechanism for Distributed Setup of Multiple Heterogeneous Intrusion Detection Systems
Author :
Bartos, K. ; Rehak, Markus
Author_Institution :
Czech Tech. Univ. in Prague, Prague, Czech Republic
fYear :
2012
fDate :
10-14 Sept. 2012
Firstpage :
31
Lastpage :
38
Abstract :
We propose a distributed and self-organized framework for collaboration of multiple heterogeneous IDS sensors. The framework is based on a game-theoretical approach that optimizes the behavior of each IDS sensor with respect to other sensors in highly dynamic environments. We formalize the proposed collaborative architecture as a game between defenders and attackers and transform the hard problem of heterogeneous collaboration into an easier problem of finding two functions that are used in the game-theoretical model to specialize the detection mechanisms on a specific type of malicious activity. The collaboration of such more specialized IDS nodes covers a much wider range of attack classes, allowing the collaborating system to maximize the overall network security awareness. We have evaluated the proposed concept on real networks, where we have shown considerable improvements in the detection capabilities of intrusion detection devices thanks to the proposed collaboration model.
Keywords :
game theory; groupware; security of data; IDS sensor; attack class; collaborative architecture; game-theoretical approach; intrusion detection device; multiple heterogeneous IDS; multiple heterogeneous intrusion detection system; network security awareness; self-organized mechanism;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Self-Adaptive and Self-Organizing Systems Workshops (SASOW), 2012 IEEE Sixth International Conference on
Conference_Location :
Lyon
Print_ISBN :
978-1-4673-5153-9
Type :
conf
DOI :
10.1109/SASOW.2012.15
Filename :
6498376