Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
AAAI
2006
2006
When Gossip is Good: Distributed Probabilistic Inference for Detection of Slow Network Intrusions
Intrusion attempts due to self-propagating code are becoming an increasingly urgent problem, in part due to the homogeneous makeup of the internet. Recent advances in anomalybased intrusion detection systems (IDSs) have made use of the quickly spreading nature of these attacks to identify them with high sensitivity and at low false positive (FP) rates. However, slowly propagating attacks are much more difficult to detect because they are cloaked under the veil of normal network traffic, yet can be just as dangerous due to their exponential spread pattern. We extend the idea of using collaborative IDSs to corroborate the likelihood of attack by imbuing end hosts with probabilistic graphical models and using random messaging to gossip state among peer detectors. We show that such a system is able to boost a weak anomaly detector D to detect an order-of-magnitude slower worm, at false positive rates less than a few per week, than would be possible using D alone at the end-host or on a ne...
Real-time Traffic| Added | 30 Oct 2010 |
| Updated | 30 Oct 2010 |
| Type | Conference |
| Year | 2006 |
| Where | AAAI |
| Authors | Denver Dash, Branislav Kveton, John Mark Agosta, Eve M. Schooler, Jaideep Chandrashekar, Abraham Bachrach, Alex Newman |
Comments (0)
Researcher Info
|
