Generalized Evidential Processing in Multiple Simultaneous Threat Detection in UNIX

Zafar Sultan (University of New England, Australia) and Paul Kwan (University of New England, Australia)
DOI: 10.4018/978-1-4666-0336-3.ch009

Abstract

In this paper, a hybrid identity fusion model at the decision level is proposed for Simultaneous Threat Detection Systems. The hybrid model comprises mathematical and statistical data fusion engines: Dempster Shafer, Extended Dempster and Generalized Evidential Processing (GEP). Simultaneous Threat Detection Systems improve the threat detection rate by 39%. In terms of efficiency and performance, a comparison of the 3 inference engines of the Simultaneous Threat Detection Systems showed that GEP is the better data fusion model. GEP increased the precision of threat detection from 56% to 95%. Furthermore, set cover packing was used as a middle-tier data fusion tool to discover reduced-size groups of threat data. Set cover provided a significant improvement and reduced the threat population from 2272 to 295, which helped minimize the processing complexity (cost and time) of evidential processing in determining the combined probability mass of the proposed Multiple Simultaneous Threat Detection System. This technique is particularly relevant to on-line and Internet-dependent applications, including portals.

2. Existing Threat Detection Approaches In Unix

Parametric and non-parametric techniques such as Bayesian, Dempster Shafer, fuzzy rule and Kalman filter are the predominant techniques used for multiple threat detection in UNIX (Braun, 2000; Grocholsky, Makarenko, & Durrant-Whyte, 2003; Wu, Siegel, Stiefelhagen, & Yang, 2002). The theory of set cover, the Chapman-Kolmogorov prediction model and the method of least squares have also been used as integral models with Bayesian, Dempster Shafer, Extended Dempster and GEP (Koks & Challa, 2005).
