Title :
A Multiple Keyword Fusion Scheme for P2P IDS Alert
Author :
Xu, Ming ; Lin, Chaochi ; Chen, Qin
Author_Institution :
Inst. of Comput. Applic. Technol., HangZhou Dianzi Univ., Hangzhou
Abstract :
Alert fusion is a key problem in distributed intrusion detection system (DIDS). The paper proposes a distributed intrusion alert fusion scheme based on multiple keywords and routing infrastructure: distributed hash table (DHT). All the related alerts produced by local sensor can be routed and fused to their corresponding peers by multiple keywords, while evenly distributing unrelated alerts to different peer. We evaluation our scheme with a real-world intrusion detection dataset (DShield Dataset), which has been collected firewall and NIDS logs from over 1600 administrators across the world. Experimental results show that our scheme has well scalable, and can achieve significant improvement in load balancing.
Keywords :
distributed processing; peer-to-peer computing; security of data; DHT; DShield Dataset; P2P IDS alert; distributed hash table; distributed intrusion alert fusion scheme; distributed intrusion detection system; load balancing; multiple keyword fusion scheme; routing infrastructure; Chaotic communication; Computer applications; Computer worms; Intelligent networks; Intelligent systems; Intrusion detection; Peer to peer computing; Routing; Sensor phenomena and characterization; Sensor systems;
Conference_Titel :
Intelligent Networks and Intelligent Systems, 2008. ICINIS '08. First International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-0-7695-3391-9
Electronic_ISBN :
978-0-7695-3391-9
DOI :
10.1109/ICINIS.2008.43
