The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.06 - November/December (2011 vol.9)
pp: 36-42
Steven Cheung , SRI International
ABSTRACT
One threat to collaborative intrusion detection systems (CIDSs) is statistic-poisoning attacks. In these attacks, adversaries inject incorrect security sensor reports to the system's repository to corrupt the published attack statistics. A novel, robust approach to computing attack statistics published by CIDSs can help counter this threat. This approach is based on contributor-level aggregation and preferential voting. In experiments, this approach effectively detected large-scale attacks and was more resistant to attacks than the basic approach.
INDEX TERMS
intrusion detection, alert correlation, attack tolerance, preferential voting, network security, computer security, cybersecurity, collaborative intrusion detection systems
CITATION
Steven Cheung, "Securing Collaborative Intrusion Detection Systems", IEEE Security & Privacy, vol.9, no. 6, pp. 36-42, November/December 2011, doi:10.1109/MSP.2011.97
REFERENCES
1. V. Yegneswaran, P. Barford, and J. Ullrich, "Internet Intrusions: Global Characteristics and Prevalence," Proc. 2003 ACM SIGMETRICS Int'l Conf. Measurement and Modeling of Computer Systems, ACM Press, 2003, pp. 138–147.
2. J. Bethencourt, J. Franklin, and M. Vernon, "Mapping Internet Sensors with Probe Response Attacks," Proc. 14th Usenix Security Symp., Usenix, 2005, pp. 193–208.
3. I.D. Hill, B.A. Wichmann, and D.R. Woodall, "Algorithm 123: Single Transferable Vote by Meek's Method," The Computer J., vol. 30, no. 2, 1987, pp. 277–281.
4. J. Zhang, P. Porras, and J. Ullrich, "Highly Predictive Blacklisting," Proc. 17th Usenix Security Symp., Usenix, 2008, pp. 107–122.
25 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool