Issue No. 06 - November/December (2011 vol. 9)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2011.97
Steven Cheung , SRI International
One threat to collaborative intrusion detection systems (CIDSs) is statistic-poisoning attacks. In these attacks, adversaries inject incorrect security sensor reports to the system's repository to corrupt the published attack statistics. A novel, robust approach to computing attack statistics published by CIDSs can help counter this threat. This approach is based on contributor-level aggregation and preferential voting. In experiments, this approach effectively detected large-scale attacks and was more resistant to attacks than the basic approach.
intrusion detection, alert correlation, attack tolerance, preferential voting, network security, computer security, cybersecurity, collaborative intrusion detection systems
Steven Cheung, "Securing Collaborative Intrusion Detection Systems", IEEE Security & Privacy, vol. 9, no. , pp. 36-42, November/December 2011, doi:10.1109/MSP.2011.97