Title:  Intrusion Detection in Computer Systems using Multiple ClassifIer Systems
Internal authors: 
Issue Date:  2008
Journal: 
STUDIES IN COMPUTATIONAL INTELLIGENCE  
Abstract:  Multiple Classifier Systems (MCS) have been applied successfully in many different research fields, among them the detection of intrusions in computer systems. As an example, in the intrusion detection field, MCS may be motivated by the presence of different network protocols (and related services, with specific features), multiple concurrent network connections, distinct host applications and operating systems. In such a heterogeneous environment the MCS approach is particularly suitable, so that different MCS designs have been proposed. In this work we present an overview of different MCS paradigms used in the intrusion detection field, and discuss their peculiarities. In particular, MCS appear to be suited to the anomaly detection paradigm, where attacks are detected as anomalies when compared to a model of normal (legitimate) event patterns. In addition, MCS may be used to increase the robustness of Intrusion Detection System (IDS) against attacks to the IDS itself. Finally, a practical application of MCS for the designing of anomaly-based IDS is presented. ¬© 2008 Springer-Verlag Berlin Heidelberg.
URI:  http://hdl.handle.net/11584/101889
ISBN:  978-354078980-2
2-s2.0-42449088159
Type: 2.1 Contributo in volume (Capitolo o Saggio)

Files in This Item:
There are no files associated with this item.

Questionnaire and social

Share on: