Evaluating intrusion sensitivity allocation with supervised learning in collaborative intrusion detection

Wenjuan LI, Fei TIAN, Jin LI, Yang XIANG

Research output: Contribution to journalArticlespeer-review

3 Citations (Scopus)

Abstract

Network intrusions are a big security threat to current computer networks. For protection, collaborative intrusion detection networks (CIDNs) are developed attempting to reach better detection performance than a single detector, by allowing a set of detectors to switch data or information with each other. However, there is a need to implement suitable trust management schemes, with the aim to safeguard such distributed detection networks against insider threats. In the literature, previous studies have indicated that the notion of intrusion sensitivity can be used to enhance the effectiveness of trust management, by highlighting the feedback from expert nodes. In addition, machine learning can be used to assign the value of intrusion sensitivity automatically. In this work, we evaluate the performance of typical supervised learning classifiers in allocating the value of intrusion sensitivity, and figure out some limitations under different data sets. Then we investigate the impact of intrusion sensitivity in a real network environment under adversarial conditions. The results demonstrate that a wrongly assigned sensitivity value may greatly degrade the detection effectiveness of insider attacks. There is a significant need to choose a suitable classifier in allocating the value of intrusion sensitivity in practice. Copyright © 2020 John Wiley & Sons Ltd.

Original languageEnglish
Article numbere5957
JournalConcurrency and Computation: Practice and Experience
Volume34
Issue number16
Early online dateSept 2020
DOIs
Publication statusPublished - Jul 2022

Citation

Li, W., Tian, F., Li, J., & Xiang, Y. (2022). Evaluating intrusion sensitivity allocation with supervised learning in collaborative intrusion detection. Concurrency and Computation: Practice and Experience, 34(16), Article e5957. https://doi.org/10.1002/cpe.5957

Keywords

  • Collaborative intrusion detection
  • Insider threat
  • Intrusion sensitivity
  • Supervised learning
  • Trust management

Fingerprint

Dive into the research topics of 'Evaluating intrusion sensitivity allocation with supervised learning in collaborative intrusion detection'. Together they form a unique fingerprint.