Extend the Dempster-Shafer Theory of Evidence to include differential weightings of alerts drawn from multiple sources. The intent is to support automated (and manual) response to threats by producing more realistic confidence ratings for IDS alerts than are currently available.
Revised: August 6, 2010
Published: March 1, 2005
Citation
Yu D., and D.A. Frincke. 2005. Alert Confidence Fusion in Intrusion Detection Systems with Extended Dempster-Shafer Theory. In Proceedings of the 43rd Annual Association for Computing Machinery Southeast Regional Conference (ASM-SE '05), 2, 142-147. New York, New York: Association for Computing Machinery. PNNL-SA-43869.