IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

Multilevel Fusion-Based Intrustion Detection

Multilevel Fusion-Based Intrustion Detection
View Free PDF
Author(s): Remco de Boer (SemLab, The Netherlands), Jan van den Berg (Erasmus University Rotterdam, The Netherlands) and Wilco van Ginkel (Ubizen, The Netherlands)
Copyright: 2004
Pages: 3
Source title: Innovations Through Information Technology
Source Editor(s): Mehdi Khosrow-Pour, D.B.A. (Information Resources Management Association, USA)
DOI: 10.4018/978-1-59140-261-9.ch095
ISBN13: 9781616921255
EISBN13: 9781466665347

Abstract

Shortcomings of current intrusion detection systems, most notably high false alarm rates and insufficient attack detection accuracy, call for a structured, sophisticated approach. We identify multi-sensor data fusion as such an approach and present a multilevel intrusion detection system architecture. At each level, logically independent functional units combine the data or information from various sources using the technique of data fusion. In this way, each unit contributes to the overall quality of the intrusion detection system. We present the set of functional tasks to be performed, their hierarchical relationships, and sketch the way the units should work together. The corresponding multilevel ‘blackboard’ architecture can be used as starting point for implementing next generation high quality intrusion detection systems1.

Body Bottom