Intrusion Detection Systems and Multisensor Data Fusion
From Tim Bass' CISSP Wiki
(Redirected from Main Page)
In 1999 Tim Bass, CISSP, published a series of papers on the future of intrusion detection in the Internet. These papers, in particular his ACM paper, Intrusion Detection Systems & Multisensor Data Fusion - Creating Cyberspace Situational Awareness [1], helped spark a modern revolution in Internet security, particularly in the area of network-based intrusion detection systems (IDS). This paper was motivated, in part, based on Bass' work during The Langley Cyberattack described in his paper E-Mail Bombs and Countermeasures: Cyber Attacks on Availability and Brand Integrity. In this WikiPage we survey subsequent papers that reference Bass' work in next generation multisensor data fusion-based IDS.
Contents |
Original IDS Papers
The table below contain links to Bass' three IDS papers. These papers were written in 1999 based on his experience in defending military and financial networks against coordinated cyberattacks.
| Date | Author(s) | Organization | Document |
| February 26, 1999 | Tim Bass | SilkRoad | Intrusion Detection Systems & Multisensor Data Fusion (Published in April 2000) |
| May 1999 | Tim Bass | SilkRoad | Multisensor Data Fusion for Next Generation Distributed Intrusion Detection Systems |
| September 1999 | Tim Bass and David Gruber | SilkRoad, USAF | A Glimpse Into the Future of ID |
PhD, Masters and Bachelors Degree Thesis
This is a selected list of university papers that were, to some degree, inspired and motivated by Bass' IDS work.
| Date | Author(s) | Organization | Document |
| June 9, 2004 | S. Terry Brugger | University of California | Data Mining for Network Intrusion DetectionSee Also |
| December 2004 | James Graves | Napier University | Advanced Detection and Immunisation of Network Based Security Threats |
| 2004 | Jeffrey L. Undercoffer | University of Maryland | Intrusion Detection: Modeling System State to Detect and Classify Aberrant Behaviors |
| June 2, 2003 | Kenneth Ingham | University of New Mexico | Protecting Network Servers |
| October 2002 | Remco C. de Boer | Rotterdam School of Economics | A Generic Architecture for Fusion-Based Intrusion Detection Systems |
| 2001 | Baino Paul | Royal Melbourne Institute of Technology | Evaluate of Security Risks Associated with Networked Information Systems |
| October 18, 2000 | Diego Zamboni | Purdue University | Doing intrusion detection using embedded sensors — Thesis Proposal |
Conference Papers
This table contains selected conference papers that reference Bass' ACM paper on IDS and Multisensor Data Fusion. Included, for completeness, are two of Bass' follow-up papers.
| Date | Author(s) | Organization | Document |
| September 8, 2005 | Jason Shifflet | John Carroll University | A Technique Independent Fusion Model for Network Intrusion Detection |
| July 12, 2005 | Jeyanthi Hall, Michel Barbeau, and Evangelos Kranakis | TBD | Radio Frequency Fingerprinting for Intrusion Detection in Wireless Networks |
| June 2005 | Dong Song, Heywood, M.I., Zincir-Heywood, A.N. | University of Michigan | Training Genetic Programming on Half a Million Patterns: An Example from Anomaly Detection |
| May/June 2005 | Taejoon Park and Kang G. Shin | University of Michigan | Soft Tamper-Proofing via Program Integrity Verification in Wireless Sensor Networks |
| April 17-21,2005 | Eduardo Freire Nakamura1, Carlos Mauricio S. Figueiredo1,and Antonio Alfredo F. Loureiro1 | Federal University of Minas Gerais, Research and Technological Innovation Center | Information Fusion for Data Dissemination in Self-Organizing Wireless Sensor Networks |
| March 2005 | Dong Yu & Deborah Frincke | University of Idaho | Alert Confidence Fusion in Intrusion Detection Systems with Extended Dempster-Shafer Theory |
| 2005 | Leo J. De Vin1, Sten F. Andler, Amos H.C. Ng, Philip R. Moore2, Junsheng Pu and Bill C-B Wong | University of Skövde, De Montfort University | Information Fusion: What Can the Manufacturing Sector Learn from the Defence Industry |
| 2005 | Leo J De Vin, Amos H C Ng, Amos H C Ng, Sten F Andle | University of Skövde | Information Fusion for Simulation Based Decision Support in Manufacturing |
| December 4, 2004 | Nong Ye, Qiang Chen, and Connie M. Borror | Arizona State University | EWMA Forecast of Normal System Activity for EWMA Forecast of Normal System Activity for Computer Intrusion Detection |
| November 2, 2004 | Tim Bass | SilkRoad | Service-Oriented Horizontal Fusion in Distributed Coordination-Based Systems |
| July 12, 2004 | Yan Chen Aaron Beach Jason Skicewicz | Northwestern University | Cyber Disease Monitoring with Distributed Hash Tables: A Global Peer-to-Peer Intrusion Detection System |
| March 14-17, 2004 | Stefano Zanero & Sergio M. Savaresi | Politecnico di Milano | Unsupervised Learning Techniques for an intrusion Detection System |
| March 2004 | Christos Siaterlis & Basil Maglaris | National Technical University of Athens | Towards Multisensor Data Fusion for DoS Detection |
| March 2004 | Sodiya A.S., Longe H.O.D., Akinwale A.T. | Emerald Group Publishing Limited | A New Two-tiered Strategy to Intrusion Detection |
| March 2004 | Nong Ye, Yebin Zhang, and Connie M. Borror | Arizona State University, Information and Systems Assurance Laboratory | Robustness of the Markov-Chain Model for Cyber-Attack Detection |
| 2004 | Alexandr Seleznyov and Stephen Hailes | University College London | Distributed Knowledge Management for Autonomous Access Control in Computer Networks |
| 2004 | Fabrice Gadaud, Mathieu Blanc, Frederic Combeau | Commissariat `a l’Energie Atomique & Laboratoire d’Informatique Fondamentale d’Orlean | An Adaptive Instrumented Node for Efficient Anomalies and Misuse Detections in HPC environment |
| 2004 | Dipankar Dasgupta | The University of Memphis | Immuno-Inspired Autonomic System for Cyber Defense |
| 2003 | P. Pietik"ainen, J. R"oning | University of Oulu | Communication Pattern Extraction: Inferring Causal Relationships in Complex Systems |
| 2003 | Jurgen Bohn, Felix Gartner, and Harald Vogt | Eidgenossische Technische Hochschule (ETH) Zurich, Ecole Polytechnique Federale de Lausanne (EPFL) | Dependability Issues of Pervasive Computing in a Healthcare Environment |
| 2003 | Christos Siaterlis & Basil Maglaris | National Technical University of Athens | A Novel Approach for a Distributed Denial of Service Detection Engine |
| 2003 | D. Dasgupta, F. Gonzalez, K. Yallapu, J. Gomez, R. Yarramsettii, G. Dunlap, M. Greveas | The University of Memphis, DARPA | CIDS: An Agent-based Intrusion Detection System |
| September 9-12, 2002 | G. Chachis | Titan Systems Corporation | Nanosoftware: All for One or One for All? |
| July 7, 2002 | Tim Bass | SilkRoad | The Federation of Critical Infrastructure Information via Publish-Subscribe Enabled Multisensor Data Fusion |
| June 23-26, 2002 | Andy Franz, Radek Mista, David Bakken, Curtis Dyreson, Murali Medidi | Washington State University | Mr. Fusion: A Programmable Data Fusion Middleware Subsystem with a Tunable Statistical Profiling Service |
| June 17-19 2002 | Stephen D. Wolthusen | Fraunhofer-IGD | Distributed Intrusion Detection for Policy-Controlled Heterogeneous Environments |
| 2002 | Jeffrey Undercoffer, Filip Perich and Charles Nicholas | University of Maryland | SHOMAR: An Open Architecture for Distributed Intrusion Detection Services |
| September 14, 2001 | W. Elmenreich and S. Pitzek | Institut fur Technische Informatik | The Time-Triggered Sensor Fusion Model |
| March 1, 2001 | Guy Helmer, Johnny S.K. Wong, Vasant Honavar, Les Miller, Yanxin Wang | Iowa State University | Lightweight Agents for Intrusion Detection |
| 2001 | David E. Bakken, Zhiyuan Zhan, Christopher C. Jones & David A. Karr | Washington State University, BBN Technologies | Middleware Support for Voting and Data Fusion |
| 2001 | Zheng Shan,Peng Chen, Ying Xu & Ke Xu | IEEE Computer Society | A Network State Based Intrusion Detection Model |
| 2001 | Rajeev Gopalakrishna | Purdue University | A Framework for Distributed Intrusion Detection using Interest-Driven Cooperative Agents |
Selected Web Articles and On-Line Presentations
Here the Wiki references a few on-line papers and presentations that also reference Bass' IDS work.
Languages Other Than English
| Date | Author(s) | Organization | Language | Document |
| March 28, 2005 | TBD | TBD | Japanese | MegaCrypt 2005 |
| 2002 | NTT | NTT Data | Japanese | An Analysis and Decision Support System Against Network Intrusions |
| 1999 | TBD | JetInfo.Ru | Russian | Активный аудит |
See Also
- SilkRoad/Tim Bass Published Papers
- (ISC)2 CISSP Home Page
- Berkeley Open Infrastructure for Network Computing (BOINC)
Notes
- Kindly join our Yahoo! Discussion Forum for Next Generation IDS & Multisensor Data Fusion Collaboration
- ISC2 and CISSP are registered trademarks of (ISC)^2, Inc.
