Opportunistic probe: an efficient adaptive detection model for collaborative intrusion detection
conference contribution
posted on 2016-01-01, 00:00, authored by D Zhu, N Pang, Gang Li, W Rong
The number of network intrusions, such as large-scale stealthy scans, worms, and distributed denial-of-service (DDoS) attacks, has significantly increased. Collaborative intrusion detection systems (CIDS) have become essential for analyzing the security of multiple networks simultaneously. The trust-based packet filter method using Bayesian inference tries to decrease the processing burden, but because of overhead network packets, performance and accuracy are still open issues. In this paper, we propose an Opportunistic Probe model, which is a transport entity that carries encrypted characteristic attributes from a trusted host to the checking host. A Detection Time Optimization Algorithm is proposed to determine the trusted period of hosts, during which unnecessary detection can be reduced. The case study and experimental analysis demonstrate the effectiveness, scalability and robustness of the proposed approach.