Title:  Intrusion Detection in Computer Systems using Multiple ClassifIer Systems
Issue Date:  2008
Internal authors: 
Authors:  Corona I; Giacinto G; Roli F
Number of authors:  3
Language:  Inglese
Volume:  126
First page:  91
Last page:  114
Number of pages:  24
Digital Object Identifier (DOI):  http://dx.doi.org/10.1007/978-3-540-78981-9_5
Scopus identifier:  2-s2.0-35348821822
Book title:  Supervised and Unsupervised Ensemble Methods and Their Applications
Publisher name:  Springer-Verlag
URL:  http://springerlink.com/content/p80275821781/front-matter.pdf
ISBN:  978-354078980-2
Abstract:  Multiple Classifier Systems (MCS) have been applied successfully in many different research fields, among them the detection of intrusions in computer systems. As an example, in the intrusion detection field, MCS may be motivated by the presence of different network protocols (and related services, with specific features), multiple concurrent network connections, distinct host applications and operating systems. In such a heterogeneous environment the MCS approach is particularly suitable, so that different MCS designs have been proposed. In this work we present an overview of different MCS paradigms used in the intrusion detection field, and discuss their peculiarities. In particular, MCS appear to be suited to the anomaly detection paradigm, where attacks are detected as anomalies when compared to a model of normal (legitimate) event patterns. In addition, MCS may be used to increase the robustness of Intrusion Detection System (IDS) against attacks to the IDS itself. Finally, a practical application of MCS for the designing of anomaly-based IDS is presented. ¬© 2008 Springer-Verlag Berlin Heidelberg.
Peer review:  Esperti anonimi
Circulation:  internazionale
Type: 2.1 Contributo in volume (Capitolo o Saggio)

Files in This Item:
There are no files associated with this item.

Questionnaire and social

Share on: