CIA
2008
Springer

Trust-Based Classifier Combination for Network Anomaly Detection

Abstract. We present a method that improves the results of network intrusion detection by integration of several anomaly detection algorithms through trust and reputation models. Our algorithm is based on existing network behavior analysis approaches that are embodied into several detection agents. We divide the processing into three distinct phases: anomaly detection, trust model update and collective trusting decision. Each of these phases contributes to the reduction of classification error rate, by aggregation of anomaly values provided by individual algorithms, individual update of each agent's trust model based on distinct traffic representation features (derived from its anomaly detection model), and re-aggregation of the trustfulness data provided by individual agents. The result is a trustfulness score for each network flow, which can be used to guide the manual inspection, thus significantly reducing the amount of traffic to analyze. To evaluate the effectiveness of the ...
Martin Rehák, Michal Pechoucek, Martin Gril
Added 12 Oct 2010
Updated 12 Oct 2010
Type Conference
Year 2008
Where CIA
Authors Martin Rehák, Michal Pechoucek, Martin Grill, Karel Bartos