A distributed framework for supporting adaptive ensemble-based intrusion detection

This paper proposes anatomy and main functionalities of a distributed framework for supporting adaptive ensemble-based intrusion detection. We start from open issues and limitations of actual state-of-the-art proposals, and we derive a suitable architecture that, based on actual, emerging research trends, finally defines an innovative ensemble-based network intrusion detection system that combines following requirements: distribution, cooperativeness, scalability, multi-scale network traffic analysis, feature selection and extraction. These requirements are recognized by our study as first-class research challenges for next-generation intrusion detection systems.