IEEE Transactions on Software Engineering - Special issue on computer security and privacy
IEEE Transactions on Pattern Analysis and Machine Intelligence
Reputation and social network analysis in multi-agent systems
Proceedings of the first international joint conference on Autonomous agents and multiagent systems: part 1
Network Security: The Complete Reference
Network Security: The Complete Reference
Belief Revision Process Based on Trust: Agents Evaluating Reputation of Information Sources
Proceedings of the workshop on Deception, Fraud, and Trust in Agent Societies held during the Autonomous Agents Conference: Trust in Cyber-societies, Integrating the Human and Artificial Perspectives
Principles of Trust for MAS: Cognitive Anatomy, Social Importance, and Quantification
ICMAS '98 Proceedings of the 3rd International Conference on Multi Agent Systems
Detecting deception in reputation management
AAMAS '03 Proceedings of the second international joint conference on Autonomous agents and multiagent systems
Pattern Classification (2nd Edition)
Pattern Classification (2nd Edition)
Diagnosing network-wide traffic anomalies
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
A Comprehensive Approach to Intrusion Detection Alert Correlation
IEEE Transactions on Dependable and Secure Computing
Review on Computational Trust and Reputation Models
Artificial Intelligence Review
Mining anomalies using traffic feature distributions
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Trust Model for Open Ubiquitous Agent Systems
IAT '05 Proceedings of the IEEE/WIC/ACM International Conference on Intelligent Agent Technology
An integrated trust and reputation model for open multi-agent systems
Autonomous Agents and Multi-Agent Systems
MLBP: MAS for large-scale biometric pattern recognition
AAMAS '06 Proceedings of the fifth international joint conference on Autonomous agents and multiagent systems
MLBP: MAS for large-scale biometric pattern recognition
AAMAS '06 Proceedings of the fifth international joint conference on Autonomous agents and multiagent systems
Simplification and analysis of transitive trust networks
Web Intelligence and Agent Systems
Reducing unwanted traffic in a backbone network
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
Network intrusion detection through Adaptive Sub-Eigenspace Modeling in multiagent systems
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Network Intrusion Detection by Means of Community of Trusting Agents
IAT '07 Proceedings of the 2007 IEEE/WIC/ACM International Conference on Intelligent Agent Technology
High-Performance Agent System for Intrusion Detection in Backbone Networks
CIA '07 Proceedings of the 11th international workshop on Cooperative Information Agents XI
Trust Modeling with Context Representation and Generalized Identities
CIA '07 Proceedings of the 11th international workshop on Cooperative Information Agents XI
Learning Initial Trust Among Interacting Agents
CIA '07 Proceedings of the 11th international workshop on Cooperative Information Agents XI
A Probabilistic Framework for Decentralized Management of Trust and Quality
CIA '07 Proceedings of the 11th international workshop on Cooperative Information Agents XI
SP 800-94. Guide to Intrusion Detection and Prevention Systems (IDPS)
SP 800-94. Guide to Intrusion Detection and Prevention Systems (IDPS)
Improving Anomaly Detection Error Rate by Collective Trust Modeling
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Runtime Monitoring and Dynamic Reconfiguration for Intrusion Detection Systems
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
Trust estimation using contextual fitness
KES-AMSTA'10 Proceedings of the 4th KES international conference on Agent and multi-agent systems: technologies and applications, Part I
A situation-aware computational trust model for selecting partners
Transactions on computational collective intelligence V
| Hi-index | 0.00 |
We present a method that improves the results of network intrusion detection by integrating several anomaly detection algorithms through trust and reputation models. Our algorithm is based on existing network behavior analysis approaches that are embodied into several detection agents. We divide the processing into three distinct phases: anomaly detection, trust model update and collective trusting decision. Each of these phases contributes to the reduction of classification error rate, by the aggregation of anomaly values provided by individual algorithms, individual update of each agent's trust model based on distinct traffic representation features (derived from its anomaly detection model), and re-aggregation of the trustfulness data provided by individual agents. The result is a trustfulness score for each network flow, which can be used to guide the manual inspection, thus significantly reducing the amount of traffic to analyze. To evaluate the effectiveness of the method, we present a set of experiments performed on real network data.