A Comprehensive Approach to Intrusion Detection Alert Correlation
IEEE Transactions on Dependable and Secure Computing
Trust Modeling with Context Representation and Generalized Identities
CIA '07 Proceedings of the 11th international workshop on Cooperative Information Agents XI
Trust-Based Classifier Combination for Network Anomaly Detection
CIA '08 Proceedings of the 12th international workshop on Cooperative Information Agents XII
Runtime Monitoring and Dynamic Reconfiguration for Intrusion Detection Systems
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
Hi-index | 0.00 |
Current Network Behavior Analysis (NBA) techniques are based on anomaly detection principles and therefore subject to high error rates. We propose a mechanism that deploys trust modeling, a technique for cooperator modeling from the multi-agent research, to improve the quality of NBA results. Our system is designed as a set of agents, each of them based on an existing anomaly detection algorithm coupled with a trust model based on the same traffic representation. These agents minimize the error rate by unsupervised, multi-layer integration of traffic classification. The system has been evaluated on real traffic in Czech academic networks.