REFACING: An autonomic approach to network security based on multidimensional trustworthiness

Several research efforts have recently focused on achieving distributed anomaly detection in an effective way. As a result, new information fusion algorithms and models have been defined and applied in order to correlate information from multiple intrusion detection sensors distributed inside the ne...

Full description

Saved in:
Bibliographic Details
Published in:Computer networks (Amsterdam, Netherlands : 1999) Netherlands : 1999), 2008-10, Vol.52 (14), p.2745-2763
Main Authors: Oliviero, F., Peluso, L., Romano, S.P.
Format: Article
Language:English
Subjects:
Applied sciences
Autonomic communication
Correlation analysis
Dempster
Exact sciences and technology
Information
Information fusion
Miscellaneous
Network security
Optimization algorithms
Services and terminals of telecommunications
Shafer theory
Studies
Systems, networks and services of telecommunications
Telecommunications
Telecommunications and information theory
Telemetry. Remote supervision. Telewarning. Remote control
Teleprocessing networks. Isdn
Trustworthiness
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Several research efforts have recently focused on achieving distributed anomaly detection in an effective way. As a result, new information fusion algorithms and models have been defined and applied in order to correlate information from multiple intrusion detection sensors distributed inside the network. In this field, an approach which is gaining momentum in the international research community relies on the exploitation of the Dempster–Shafer (D–S) theory. Dempster and Shafer have conceived a mathematical theory of evidence based on belief functions and plausible reasoning, which is used to combine separate pieces of information ( evidence) to compute the probability of an event. However, the adoption of the D–S theory to improve distributed anomaly detection efficiency generally involves facing some important issues. The most important challenge definitely consists in sorting the uncertainties in the problem into a priori independent items of evidence. We believe that this can be effectively carried out by looking at some of the principles of autonomic computing in a self-adaptive fashion, i.e. by introducing support for self-management, self-configuration and self-optimization functionality. In this paper, we intend to tackle some of the above mentioned issues by proposing the application of the D–S theory to network information fusion. This will be done by proposing a model for a self-management supervising layer exploiting the innovative concept of multidimensional reputation, which we have called REFACING ( RElationship–FAmiliarity–Confidence–INteGrity).
ISSN:1389-1286
1872-7069
DOI:10.1016/j.comnet.2008.04.022