
Graphical Inference for Multiple Intrusion Detection

2 Author(s)
Tung Le ; Dept. of Electr. & Comput. Eng., Univ. of Illinois at Urbana-Champaign, Urbana, IL ; Christoforos N. Hadjicostis

In this paper, we consider vulnerabilities of networked systems and develop a multiple intrusion detection system (MIDS) which operates by running belief propagation on an appropriately constructed weighted bipartite graph. In this bipartite graph, one set of nodes represents the different types of intrusions that are possible, the other set of nodes represents the set of significant measures that are available, and the (weighted) connections represent the dependence of a certain measure on a particular type of intrusion. We assume that the effect of each active intrusion on a particular significant measure is superimposed on the normal operation of that measure; thus, we are able to obtain a complete representation of the overall bipartite graph model by superimposing the simpler graphs associated with each individual intrusion. The key ingredient of our MIDS is the development of a modified belief propagation max-product algorithm (MPA) that avoids the exponential complexity of the original MPA by limiting, during the iteration process, the number of active intrusions that are connected to a particular measure. Our simulation results indicate that the proposed MIDS performs well in detecting both single and multiple intrusions with a very low false alarm rate.

Published in:

IEEE Transactions on Information Forensics and Security (Volume: 3, Issue: 3)