Learn More
Our work proposes a generic architecture for runtime monitoring and optimization of IDS based on the challenge insertion. The challenges, known instances of malicious or legitimate behavior, are inserted into the network traffic represented by NetFlow records, processed with the current traffic and the system’s response to the challenges is used to(More)
A common technique for result verification in grid computing is to delegate a computation redundantly to different workers and apply majority voting to the returned results. However, the technique is sensitive to "collusion" where a majority of malicious workers collectively returns the same incorrect result. In this paper, we propose a mechanism that(More)
Our work presents a mechanism designed for the selection of the optimal information provider in a multi-agent, heterogeneous and unsupervised monitoring system. The selfadaptation mechanism is based on the insertion of a small set of prepared challenges that are processed together with the real events observed by the system. The evaluation of the system(More)
Many evidence-based trust models require the adjustment of parameters such as aging- or exploration-factors. What the literature often does not address is the systematic choice of these parameters. In our work, we propose a generic procedure for finding trust model parameters that maximize the expected utility to the trust model user. The procedure is based(More)
We present a trust-based mechanism for the acquisition of information from possibly unreliable sources. Our mechanism addresses the case where the acquired information cannot be verified. The idea is to intersperse questions (“challenges”) for which the correct answers are known. By evaluating the answers to these challenges, probabilistic conclusions about(More)
In this paper we present a slotted packet counting attack against anonymity protocols. Common packet counting attacks make strong assumptions on the setup and can easily lead to wrong conclusions, as we will show in our work. To overcome these limitations, we account for the variation of tra c load over time. We use correlation to express the relation(More)
We present a mechanism for autonomous self-adaptation of a network-based intrusion detection system (IDS). The system is composed of a set of cooperating agents, each of which is based on an existing network behavior analysis method. The self adaptation mechanism is based on the insertion of a small number of challenges, i.e. known instances of past(More)