Pérez, M.G., Tapiador, J.E., Clark, J.A. orcid.org/0000-0002-9230-9739 et al. (2 more authors) (2014) Trustworthy placements: Improving quality and resilience in collaborative attack detection. Computer Networks, 58. pp. 70-86. ISSN 1389-1286
Abstract
Abstract In distributed and collaborative attack detection systems decisions are made on the basis of the events reported by many sensors, e.g., Intrusion Detection Systems placed across various network locations. In some cases such events originate at locations over which we have little control, for example because they belong to an organisation that shares information with us. Blindly accepting such reports as real encompasses several risks, as sensors might be dishonest, unreliable or simply having been compromised. In these situations trust plays an important role in deciding whether alerts should be believed or not. In this work we present an approach to maximise the quality of the information gathered in such systems and the resilience against dishonest behaviours. We introduce the notion of trust diversity amongst sensors and argue that detection configurations with such a property perform much better in many respects. Using reputation as a proxy for trust, we introduce an adaptive scheme to dynamically reconfigure the network of detection sensors. Experiments confirm an overall increase both in detection quality and resilience against compromise and misbehaviour.
Metadata
Item Type: | Article |
---|---|
Authors/Creators: |
|
Copyright, Publisher and Additional Information: | © 2013 Elsevier B.V. This is an author produced version of a paper subsequently published in Computer Networks. Uploaded in accordance with the publisher's self-archiving policy. Article available under the terms of the CC-BY-NC-ND licence (https://creativecommons.org/licenses/by-nc-nd/4.0/) |
Dates: |
|
Institution: | The University of Sheffield |
Academic Units: | The University of Sheffield > Faculty of Engineering (Sheffield) > Department of Computer Science (Sheffield) |
Depositing User: | Symplectic Sheffield |
Date Deposited: | 17 May 2017 14:27 |
Last Modified: | 23 Mar 2018 05:03 |
Published Version: | https://doi.org/10.1016/j.comnet.2013.08.026 |
Status: | Published |
Publisher: | Elsevier |
Refereed: | Yes |
Identification Number: | 10.1016/j.comnet.2013.08.026 |
Open Archives Initiative ID (OAI ID): | oai:eprints.whiterose.ac.uk:116276 |