Title :
Fusing intrusion data for detection and containment
Author :
Shankar, Mallikarjun ; Rao, Nageswara ; Batsell, Stephen
Author_Institution :
Oak Ridge Nat. Lab., TN, USA
Abstract :
Fusing information from diverse detectors remains a challenge in the field of intrusion detection. We apply data fusion techniques to fuse alerts generated by different detectors that signal the potential presence of an intrusion. Data fusion has been shown to result in a decrease in false positives while achieving an improved level of detection. By combining detections from fusers on distributed hosts, a system can also detect and track the spread of an intrusion. We proceed to analyze the response time requirements of such a distributed containment system by including an explicit containment parameter in the spreading formulation.
Keywords :
safety systems; sensor fusion; data fusion techniques; distributed containment system; diverse detectors; intrusion detection; response time; Computer security; Delay; Detectors; Fuses; Fusion power generation; Intrusion detection; Laboratories; Sensor fusion; Sensor phenomena and characterization; Signal generators;
Conference_Titel :
Military Communications Conference, 2003. MILCOM '03. 2003 IEEE
Print_ISBN :
0-7803-8140-8
DOI :
10.1109/MILCOM.2003.1290204
