Peer-to-Peer Architecture for Collaborative Intrusion and Malware Detection on a Large Scale
ISC '09 Proceedings of the 12th International Conference on Information Security
| Hi-index | 0.00 |
In this paper we propose a peer-to-peer (P2P) prototype (INTCTD) for intrusion detection over an overlay network. INTCTD is a distributed system based on neural networks for detecting network traffic anomalies and for modifying dynamically the network resource access policies. Automated learning and online knowledge sharing are employed among the participating nodes, while the distillation of the network traffic is performed by each individual each node. This approach for local analysis of the network traffic gives the opportunity for utilization of simple automated learners at each node and the reduction of the amount of information exchanged among the peers.