Detecção de intrusões através da seleção dinâmica de classificador baseada em redes de conselhos

Abstract

Intrusion Detection Systems are common used for information analysis, that are collected from computer networks and computer systems. Through the use of techniques such as data classification, it is possible to identify malicious activities. However, the use of such technique presents a challenge that consists of choosing the ideal classifier against multiple possibilities of attacks. Existing efforts try to mitigate this problem with the use of multiple classifiers, however, this approach often introduces conflicts in decision making. In addition, there are cases where a source analyzed by a detector does not provide sufficient information for a precise decision. The objective of this work is the creation of an intrusion detection architecture through the dynamic selection of classifiers in council networks, where it is explored the consultation of counselors who analyzes multiple and heterogeneous data sources. Preliminary results show that the architecture is promising, resolving conflicts and increasing security in intrusion detection.