Two-Stage Optimisation in the Design of Boolean Functions
ACISP '00 Proceedings of the 5th Australasian Conference on Information Security and Privacy
NSTAT: A Model-based Real-time Network Intrusion Detection System
NSTAT: A Model-based Real-time Network Intrusion Detection System
Review on Computational Trust and Reputation Models
Artificial Intelligence Review
A survey of trust and reputation systems for online service provision
Decision Support Systems
Self-Configuration of Network Security
EDOC '07 Proceedings of the 11th IEEE International Enterprise Distributed Object Computing Conference
Network Models and Optimization: Multiobjective Genetic Algorithm Approach
Network Models and Optimization: Multiobjective Genetic Algorithm Approach
Review: The use of computational intelligence in intrusion detection systems: A review
Applied Soft Computing
Towards pre-standardization of trust and reputation models for distributed and heterogeneous systems
Computer Standards & Interfaces
Non-linear cryptanalysis revisited: heuristic search for approximations to S-boxes
Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
Learning Autonomic Security Reconfiguration Policies
CIT '10 Proceedings of the 2010 10th IEEE International Conference on Computer and Information Technology
Comparing Reputation Schemes for Detecting Malicious Nodes in Sensor Networks
The Computer Journal
Trust Management and Admission Control for Host-Based Collaborative Intrusion Detection
Journal of Network and Systems Management
Mobility in collaborative alert systems: building trust through reputation
NETWORKING'11 Proceedings of the IFIP TC 6th international conference on Networking
Collaborative anomaly-based detection of large-scale internet attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking
COTS diversity based intrusion detection and application to web servers
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Defense of trust management vulnerabilities in distributed networks
IEEE Communications Magazine
An adaptive mode control algorithm of a scalable intrusion tolerant architecture
Journal of Computer and System Sciences
Journal of Network and Systems Management
Survey A model-based survey of alert correlation techniques
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
In distributed and collaborative attack detection systems decisions are made on the basis of the events reported by many sensors, e.g., Intrusion Detection Systems placed across various network locations. In some cases such events originate at locations over which we have little control, for example because they belong to an organisation that shares information with us. Blindly accepting such reports as real encompasses several risks, as sensors might be dishonest, unreliable or simply having been compromised. In these situations trust plays an important role in deciding whether alerts should be believed or not. In this work we present an approach to maximise the quality of the information gathered in such systems and the resilience against dishonest behaviours. We introduce the notion of trust diversity amongst sensors and argue that detection configurations with such a property perform much better in many respects. Using reputation as a proxy for trust, we introduce an adaptive scheme to dynamically reconfigure the network of detection sensors. Experiments confirm an overall increase both in detection quality and resilience against compromise and misbehaviour.