• DocumentCode
    558713
  • Title

    SMURFEN: A system framework for rule sharing collaborative intrusion detection

  • Author

    Fung, Carol ; Zhu, Quanyan ; Boutaba, Raouf ; Basar, Tamer

  • Author_Institution
    David R. Cheriton Sch. of Comput. Sci., Univ. of Waterloo, Waterloo, ON, Canada
  • fYear
    2011
  • fDate
    24-28 Oct. 2011
  • Firstpage
    1
  • Lastpage
    6
  • Abstract
    Intrusion Detection Systems (IDSs) are designed to monitor network traffic and computer activities in order to alert users about suspicious intrusions. Collaboration among IDSs allows users to benefit from the collective knowledge and information from their collaborators and achieve more accurate intrusion detection. However, most existing collaborative intrusion detection networks rely on the exchange of intrusion data which raises privacy concerns. To overcome this problem, we propose SMURFEN: a Rule Sharing intrusion detection network, which provides a platform for IDS users to effectively share their customized detection knowledge in an IDS community. An automatic rule propagation mechanism is proposed based on a decentralized two-level optimization problem formulation. We evaluate our rule sharing system through simulations and compare our results to existing knowledge sharing methods such as random gossiping and fixed neighbors sharing schemes.
  • Keywords
    Internet; computer network security; groupware; telecommunication traffic; IDS community; SMURFEN; automatic rule propagation mechanism; computer activities; decentralized two-level optimization problem formulation; knowledge sharing methods; neighbors sharing schemes; network traffic monitoring; random gossiping; rule sharing collaborative intrusion detection system; system framework; Collaboration; Computers; Intrusion detection; Peer to peer computing; Receivers; Software;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Network and Service Management (CNSM), 2011 7th International Conference on
  • Conference_Location
    Paris
  • Print_ISBN
    978-1-4577-1588-4
  • Electronic_ISBN
    978-3-901882-44-9
  • Type

    conf

  • Filename
    6104003