Fusing intrusion data for detection and containment

Research output: Contribution to conference, Paper, peer-review

6 Scopus citations

Abstract

Fusing information from diverse detectors remains a challenge in the field of intrusion detection. We apply data fusion techniques to fuse alerts generated by different detectors that signal the potential presence of an intrusion. Data fusion has been shown to result in a decrease in false positives while achieving an improved level of detection. By combining detections from fusers on distributed hosts, a system can also detect and track the spread of an intrusion. We proceed to analyze the response time requirements of such a distributed containment system by including an explicit containment parameter in the spreading formulation.

Original language: English
Pages: 741-746
Number of pages: 6
State: Published - 2003
Event: MILCOM 2003 - 2003 IEEE Military Communications Conference - Monterey, CA, United States
Duration: Oct 13 2003 - Oct 16 2003

Conference

Conference: MILCOM 2003 - 2003 IEEE Military Communications Conference
Country/Territory: United States
City: Monterey, CA
Period: 10/13/03 - 10/16/03
