Intrusion detection systems and multisensor data fusion
Communications of the ACM
Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Characteristics of network traffic flow anomalies
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
Mathematical Techniques in Multisensor Data Fusion
Mathematical Techniques in Multisensor Data Fusion
Multisensor Data Fusion
ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
Alert confidence fusion in intrusion detection systems with extended Dempster-Shafer theory
Proceedings of the 43rd annual Southeast regional conference - Volume 2
One step ahead to multisensor data fusion for DDoS detection
Journal of Computer Security - Special issue on security track at ACM symposium on applied computing 2004
Information fusion for wireless sensor networks: Methods, models, and classifications
ACM Computing Surveys (CSUR)
Diffuse: A topology building engine for wireless sensor networks
Signal Processing
International Journal of Network Management
Vehicular Ad Hoc Networks: A New Challenge for Localization-Based Systems
Computer Communications
Multi-Agent Reinforcement Learning for Intrusion Detection: A Case Study and Evaluation
MATES '08 Proceedings of the 6th German conference on Multiagent System Technologies
ACM Computing Surveys (CSUR)
Information fusion for computer security: State of the art and open issues
Information Fusion
Improvement in intrusion detection with advances in sensor fusion
IEEE Transactions on Information Forensics and Security
A flexible framework for multisensor data fusion using data stream management technologies
Proceedings of the 2009 EDBT/ICDT Workshops
Detection of slow malicious worms using multi-sensor data fusion
CISDA'09 Proceedings of the Second IEEE international conference on Computational intelligence for security and defense applications
Multi-agent reinforcement learning for intrusion detection
ALAMAS'05/ALAMAS'06/ALAMAS'07 Proceedings of the 5th , 6th and 7th European conference on Adaptive and learning agents and multi-agent systems: adaptation and multi-agent learning
Anomaly detection in monitoring sensor data for preventive maintenance
Expert Systems with Applications: An International Journal
Detection of unknown dos attacks by kolmogorov-complexity fluctuation
CISC'05 Proceedings of the First SKLOIS conference on Information Security and Cryptology
Behavior-Based trust in wireless sensor network
APWeb'06 Proceedings of the 2006 international conference on Advanced Web and Network Technologies, and Applications
Information fusion for data dissemination in self-organizing wireless sensor networks
ICN'05 Proceedings of the 4th international conference on Networking - Volume Part I
An automatic and self-adaptive multi-layer data fusion system for WiFi attack detection
International Journal of Internet Technology and Secured Transactions
Review: A review of novelty detection
Signal Processing
| Hi-index | 0.00 |
In our present work we introduce the use of data fusion in the field of DoS anomaly detection. We present Dempster-Shafer's Theory of Evidence (D-S) as the mathematical foundation for the development of a novel DoS detection engine. Based on a data fusion paradigm, we combine multiple evidence generated from simple heuristics to feed our D-S inference engine and attempt to detect flooding attacks.Our approach has as its main advantages the modeling power of Theory of Evidence in expressing beliefs in some hypotheses, the ability to add the notions of uncertainty and ignorance in the system and the quantitative measurement of the belief and plausibility in our detection results.We evaluate our detection engine prototype through a set of experiments, that were conducted with real network traffic and with the use of common DDoS tools. We conclude that data fusion is a promising approach that could increase the DoS detection rate and decrease the false alarm rate.