R. Karthik, S. Veni


Trust management can help improve intrusion detection by adding a level of focus to anomaly detection. By identifying bounds for valid network activity, robust trust management helps an analyst distinguish attack activity from common everyday traffic on the network. Because anomaly detection is not based on pre-defined signatures, variants in the code of an exploit are less of a concern: the detector looks for abnormal activity rather than a unique signature. An example is a Remote Procedure Call (RPC) buffer overflow exploit whose code has been modified slightly to evade a signature-based IDS. With anomaly detection, the activity would be flagged because the destination machine has never seen an RPC connection attempt and the source IP has never been seen connecting to the network.
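The RPC case described above can be sketched as a first-seen anomaly check. This is an added example, not code from the paper; the flow tuples, addresses, port set and the `FirstSeenDetector` class are constructed for illustration.

```python
# Flows are (src_ip, dst_ip, dst_port). Payload is never inspected, so a
# modified exploit variant is scored exactly like the original.

# Constructed baseline: traffic observed during a trusted learning window.
BASELINE = [
    ("10.0.0.5", "10.0.0.20", 80),
    ("10.0.0.5", "10.0.0.20", 443),
    ("10.0.0.7", "10.0.0.20", 80),
    ("10.0.0.7", "10.0.0.30", 135),  # 10.0.0.30 legitimately serves RPC
]

class FirstSeenDetector:
    """Learns bounds of valid activity, then reports what falls outside."""

    def __init__(self):
        self.known_sources = set()   # source IPs seen during learning
        self.services = {}           # dst_ip -> set of ports it received

    def learn(self, flows):
        for src, dst, port in flows:
            self.known_sources.add(src)
            self.services.setdefault(dst, set()).add(port)

    def score(self, flow):
        """Return the list of reasons the flow is outside the baseline."""
        src, dst, port = flow
        reasons = []
        if src not in self.known_sources:
            reasons.append("source never seen on network")
        if port not in self.services.get(dst, set()):
            reasons.append(f"destination never received port {port}")
        return reasons

def build_detector():
    detector = FirstSeenDetector()
    detector.learn(BASELINE)
    return detector

if __name__ == "__main__":
    detector = build_detector()
    # Constructed test traffic: the first flow is the abstract's RPC case.
    for flow in [
        ("203.0.113.9", "10.0.0.20", 135),  # unknown source, new service
        ("10.0.0.7", "10.0.0.20", 135),     # known source, new service
        ("10.0.0.5", "10.0.0.20", 80),      # inside the baseline
    ]:
        reasons = detector.score(flow)
        print(flow, "ALERT: " + "; ".join(reasons) if reasons else "ok")
```

The number of reasons returned gives the analyst a simple priority: a flow that violates both bounds, as in the abstract's example, ranks above one that violates only one.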


Intrusion detection, Anomaly detection, Trust management, Remote procedure call, Attacks.





All Rights Reserved © 2012 IJARCSEE

This work is licensed under a Creative Commons Attribution 3.0 Unported License.