Loading…
REFACING: An autonomic approach to network security based on multidimensional trustworthiness
Several research efforts have recently focused on achieving distributed anomaly detection in an effective way. As a result, new information fusion algorithms and models have been defined and applied in order to correlate information from multiple intrusion detection sensors distributed inside the ne...
Saved in:
Published in: | Computer networks (Amsterdam, Netherlands : 1999) Netherlands : 1999), 2008-10, Vol.52 (14), p.2745-2763 |
---|---|
Main Authors: | , , |
Format: | Article |
Language: | English |
Subjects: | |
Citations: | Items that this one cites Items that cite this one |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | Several research efforts have recently focused on achieving
distributed anomaly detection in an effective way. As a result, new
information fusion algorithms and models have been defined and applied in order to correlate information from multiple intrusion detection sensors distributed inside the network. In this field, an approach which is gaining momentum in the international research community relies on the exploitation of the
Dempster–Shafer (D–S) theory. Dempster and Shafer have conceived a mathematical theory of evidence based on belief functions and plausible reasoning, which is used to combine separate pieces of information (
evidence) to compute the probability of an event.
However, the adoption of the D–S theory to improve distributed anomaly detection efficiency generally involves facing some important issues. The most important challenge definitely consists in sorting the uncertainties in the problem into a priori independent items of evidence. We believe that this can be effectively carried out by looking at some of the principles of autonomic computing in a
self-adaptive fashion, i.e. by introducing support for
self-management,
self-configuration and
self-optimization functionality.
In this paper, we intend to tackle some of the above mentioned issues by proposing the application of the D–S theory to network information fusion. This will be done by proposing a model for a self-management supervising layer exploiting the innovative concept of
multidimensional reputation, which we have called
REFACING (
RElationship–FAmiliarity–Confidence–INteGrity). |
---|---|
ISSN: | 1389-1286 1872-7069 |
DOI: | 10.1016/j.comnet.2008.04.022 |