This Article 
 Bibliographic References 
 Add to: 
17th International Conference on Database and Expert Systems Applications (DEXA'06)
A Trust-Aware, P2P-Based Overlay for Intrusion Detection
Krakow, Poland
September 04-September 08
ISBN: 0-7695-2641-1
Claudiu Duma, Linkopings Universitet, Sweden
Martin Karresand, Swedish Defense Research Agency, Sweden
Nahid Shahmehri, Linkopings Universitet, Sweden
Germano Caronni, Sun Microsystems Laboratories, USA
Collaborative intrusion detection systems (IDSs) have a great potential for addressing the challenges posed by the increasing aggressiveness of current Internet attacks. However, one of the major concerns with the proposed collaborative IDSs is their vulnerability to the insider threat. Malicious intruders, infiltrating such a system, could poison the collaborative detectors with false alarms, disrupting the intrusion detection functionality and placing at risk the whole system. In this paper, we propose a P2P-based overlay for intrusion detection (Overlay IDS) that addresses the insider threat by means of a trust-aware engine for correlating alerts and an adaptive scheme for managing trust. We have implemented our system using JXTA framework and we have evaluated its effectiveness for preventing the spread of a real Internet worm over an emulated network. The evaluation results show that our Overlay IDS significantly increases the overall survival rate of the network.
Claudiu Duma, Martin Karresand, Nahid Shahmehri, Germano Caronni, "A Trust-Aware, P2P-Based Overlay for Intrusion Detection," dexa, pp.692-697, 17th International Conference on Database and Expert Systems Applications (DEXA'06), 2006
Usage of this product signifies your acceptance of the Terms of Use.