Mac Dermott, AM, Shi, Q and Kifayat, K (2017) Distributed attack prevention using Dempster-Shafer theory of evidence. In: Intelligent Computing Methodologies , 10363 (LNCS). pp. 203-212. (International Conference on Intelligent Computing (ICIC 2017), 07 August 2017 - 10 August 2017, Liverpool).
|
Text
ICIC AMD.pdf - Accepted Version Download (490kB) | Preview |
Abstract
This paper details a robust collaborative intrusion detection methodology for detecting attacks within a Cloud federation. It is a proactive model and the responsibility for managing the elements of the Cloud is distributed among several monitoring nodes. Since there are a wide range of elements to manage, complexity grows proportionally with the size of the Cloud, so a suitable communication and monitoring hierarchy is adopted. Our architecture consists of four major entities: the Cloud Broker, the monitoring nodes, the local coordinator (Super Nodes), and the global coordinator (Command and Control server - C2). Utilising monitoring nodes into our architecture enhances the performance and response time, yet achieves higher accuracy and a broader spectrum of protection. For collaborative intrusion detection, we use the Dempster Shafer theory of evidence via the role of the Cloud Broker. Dempster Shafer executes as a main fusion node, with the role to collect and fuse the information provided by the monitors, taking the final decision regarding a possible attack.
Item Type: | Conference or Workshop Item (Paper) |
---|---|
Additional Information: | The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-63315-2_18 |
Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
Divisions: | Computer Science & Mathematics |
Publisher: | Springer, Cham |
Date Deposited: | 15 Aug 2017 09:42 |
Last Modified: | 13 Apr 2022 15:15 |
DOI or ID number: | 10.1007/978-3-319-63315-2_18 |
URI: | https://researchonline.ljmu.ac.uk/id/eprint/6938 |
View Item |