2 NEC Europe Ltd.[Middlesex] (Athene, Odyssey Business Park, West End Road, South Ruislip, Middlesex, HA4 6QE - United Kingdom)
Abstract : Collaborative Intrusion Detection Networks (CIDN) are usually composed by a set of nodes working together to detect distributed intrusions that cannot be easily recognized with traditional intrusion detection architectures. In this approach every node could potentially collaborate to provide its vision of the system and report the alarms being detected at the network, service and/or application levels. This approach includes considering mobile nodes that will be entering and leaving the network in an ad hoc manner. However, for this alert information to be useful in the context of CIDN networks, certain trust and reputation mechanisms determining the credibility of a particular mobile node, and the alerts it provides, are needed. This is the main objective of this paper, where an inter-domain trust and reputation model, together with an architecture for inter-domain collaboration, are presented with the main aim of improving the detection accuracy in CIDN systems while users move from one security domain to another.
https://hal.inria.fr/hal-01587832
Contributor : Hal Ifip
<>
Submitted on : Thursday, September 14, 2017 - 4:48:01 PM
Last modification on : Thursday, September 14, 2017 - 4:53:14 PM
Document(s) archivé(s) le : Friday, December 15, 2017 - 7:59:39 PM
Manuel Gil Pérez, Félix Gómez Mármol, Gregorio Martínez Pérez, Antonio Gómez Skarmeta. Mobility in Collaborative Alert Systems: Building Trust through Reputation. International IFIP TC 6 Workshops PE-CRN, NC-Pro, WCNS, and SUNSET 2011 Held at NETWORKING 2011 (NETWORKING), May 2011, Valencia, Spain. pp.251-262, ⟨10.1007/978-3-642-23041-7_24⟩. ⟨hal-01587832⟩
