A Data-Fusion-Based Method for Intrusion Detection System in Networks

Full Text (PDF, 260KB), PP.32-40

Author(s)

Xiaofeng Zhao 1,*, Hua Jiang 1, LiYan Jiao 2

1. Department of Information Management, Hebei University of Engineering, Handan, China

2. Department of Medical Science, Hebei University of Engineering, Handan, China

* Corresponding author.

DOI: https://doi.org/10.5815/ijieeb.2009.01.05

Received: 15 Jun. 2009 / Revised: 25 Jul. 2009 / Accepted: 12 Sep. 2009 / Published: 8 Oct. 2009

Index Terms

Intrusion detection system, data fusion, D-S theory

Abstract

Hackers’ attacks are becoming more and more intelligent, which makes it hard for any single intrusion detection method to attain favorable detection results. Therefore, much research has been carried out on how to combine multiple security measures to provide the network system with more effective protection. However, so far none of those methods meets the requirements of practical application. A new computer information security protection system based on data fusion theory is proposed in this paper. Multiple detection measures are “fused” in this system, so that it has a lower false negative rate and false positive rate as well as better scalability and robustness.

Cite This Paper

Xiaofeng Zhao, Hua Jiang, LiYan Jiao, "A Data-Fusion-Based Method for Intrusion Detection System in Networks", International Journal of Information Engineering and Electronic Business (IJIEEB), vol.1, no.1, pp.32-40, 2009. DOI: 10.5815/ijieeb.2009.01.05
