A Distributed Framework for Supporting Adaptive Ensemble-based Intrusion Detection
Gianluigi Folino; Pietro Sabatino
2015
Abstract
This paper proposes the anatomy and main functionalities of a distributed framework for supporting adaptive ensemble-based intrusion detection. We start from open issues and limitations of current state-of-the-art proposals, and we derive a suitable architecture that, based on current, emerging research trends, defines an innovative ensemble-based network intrusion detection system that combines the following requirements: distribution, cooperativeness, scalability, multi-scale network traffic analysis, feature selection and extraction. These requirements are recognized by our study as first-class research challenges for next-generation intrusion detection systems.

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.