A new data fusion model of intrusion Detection-IDSFP

Authors:
Junfeng Tian;Weidong Zhao;Ruizhong Du;Zhe Zhang
Affiliations:
Faculty of Mathematics and Computer Science, Hebei University, Baoding, China;Faculty of Mathematics and Computer Science, Hebei University, Baoding, China;Faculty of Mathematics and Computer Science, Hebei University, Baoding, China;Faculty of Mathematics and Computer Science, Hebei University, Baoding, China
Venue:
ISPA'05 Proceedings of the Third international conference on Parallel and Distributed Processing and Applications
Year:
2005

Citing 4
Cited 0

Intrusion detection systems and multisensor data fusion

Communications of the ACM
Probabilistic Alert Correlation

RAID '00 Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection
Managing Alerts in a Multi-Intrusion Detection Environment

ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Analysis of distributed intrusion detection systems using Bayesian methods

PCC '02 Proceedings of the Performance, Computing, and Communications Conference, 2002. on 21st IEEE International

Quantified Score

Hi-index	0.00

Visualization

Abstract

Based on the multi-sensor data fusion technology, a new Intrusion Detection Data Fusion Model-IDSFP is presented. This model is characterized by correlating and merging alerts of different types of IDSs, generating the measures of the security situation, and thus constituting the evidence. Current security situation of network is estimated by applying the D-S Evidence Theory, and some IDSs in the network are dynamically adjusted to strengthen the detection of the data that relate to the attack attempt. Consequently, the false positive rate and the false negative rate are effectively reduced, and the detection efficiency of IDS is accordingly improved.