Data Fusion Support for Intrusion Detection and Prevention

Mohsen Beheshti, Richard A. Wasniowski
2007 Fourth International Conference on Information Technology (ITNG'07)  
The main problem with current intrusion detection and prevention systems is the high rate of false alarms triggered by attackers. Effectively protecting the network against attacks remains a problem both in research and for computer network management professionals. Improved monitoring of malicious attacks will require integration of multiple monitoring systems. In our project we are analyzing the potential benefits of distributed multi-sensor systems for intrusion detection. Our main purpose for this work is to examine how to integrate multiple intrusion detection sensors in order to minimize the number of incorrect alarms. The first problem is how to integrate data from multiple sensors, and the second is how to identify the most important data provided by multiple sensors. We are currently developing a series of analytical models to use the potential benefits of multiple sensors for reducing false alarms.
doi:10.1109/itng.2007.62 dblp:conf/itng/BeheshtiW07 fatcat:j3uxdnmwkbbf7kjpmqzbi6cwlq