Improving Anomaly Detection Error Rate by Collective Trust Modeling
Authors | |
---|---|
Year of publication | 2008 |
Type | Article in Proceedings |
Conference | Recent Advances in Intrusion Detection |
MU Faculty or unit | |
Citation | |
Field | Informatics |
Keywords | network behavior analysis; trust modeling |
Description | Current Network Behavior Analysis (NBA) techniques are based on anomaly detection principles and therefore subject to high error rates. We propose a mechanism that deploys trust modeling, a technique for cooperator modeling from the multi-agent research, to improve the quality of NBA results. Our system is designed as a set of agents, each of them based on an existing anomaly detection algorithm coupled with a trust model based on the same traffic representation. These agents minimize the error rate by unsupervised, multi-layer integration of traffic classification. The system has been evaluated on real traffic in Czech academic networks. |
Related projects: |