Publication details
Improving Anomaly Detection Error Rate by Collective Trust Modeling
| Authors | |
|---|---|
| Year of publication | 2008 |
| Type | Article in Proceedings |
| Conference | Recent Advances in Intrusion Detection |
| MU Faculty or unit | |
| Citation | |
| Field | Informatics |
| Keywords | network behavior analysis; trust modeling |
| Description | Current Network Behavior Analysis (NBA) techniques are based on anomaly detection principles and therefore subject to high error rates. We propose a mechanism that deploys trust modeling, a technique for cooperator modeling from the multi-agent research, to improve the quality of NBA results. Our system is designed as a set of agents, each of them based on an existing anomaly detection algorithm coupled with a trust model based on the same traffic representation. These agents minimize the error rate by unsupervised, multi-layer integration of traffic classification. The system has been evaluated on real traffic in Czech academic networks. |
| Related projects: |