Journal article

Information sharing for distributed intrusion detection systems

Tao Peng, Christopher Leckie, Kotagiri Ramamohanarao

JOURNAL OF NETWORK AND COMPUTER APPLICATIONS | ACADEMIC PRESS LTD- ELSEVIER SCIENCE LTD | Published : 2007

Abstract

In this paper, we present an information sharing model for distributed intrusion detection systems. The typical challenges faced by distributed intrusion detection systems are what information to share and how to share it. We address these problems by using the Cumulative Sum algorithm to collect statistics at each local system, and by using a machine learning approach to coordinate the information sharing among the distributed detection systems. Our major contributions are two-fold. First, we propose a simple but robust scheme to monitor changes in the local statistics. Second, we present a learning algorithm to decide when to share information so that both the communication overhead amo..
