Abstract
Intrusion detection systems (IDSs) have been widely deployed in computers and networks to identify a variety of attacks. But network intrusions are now becoming more and more sophisticated to detect, thus, collaborative intrusion detection networks (CIDNs) have been proposed which enables an IDS to collect information and learn experience from other IDS nodes. By maintaining interactions among a set of IDS nodes, a CIDN is expected to be more powerful in detecting some complicated attacks such as denial-of-service (DoS) than a single IDS. In real deployment, we identify that each IDS may have different levels of sensitivity in detecting different types of intrusions (i.e., based on their own signatures and settings). In this paper, we therefore define a notion of intrusion sensitivity and investigate the feasibility of using it to evaluate the trustworthiness of an IDS node. In addition, we describe several challenges when using this notion in practice. In the evaluation, the experimental results indicate that the use of intrusion sensitivity is feasible and encouraging to enhance the accuracy of detecting malicious nodes.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
