CBSigIDS: Towards Collaborative Blockchained Signature-Based Intrusion Detection

Steven Tug, Weizhi Meng*, Yu Wang

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Abstract

Intrusion detection systems (IDSs) are one of the most important security mechanisms that help identify various attacks. To enhance the detection performance of a single IDS, collaborative intrusion detection systems or networks (CIDSs or CIDNs) are often implemented in practical organizations, which encourage a set of IDS nodes to exchange information like alarms and signatures with each other. However, due to the distributed nature, malicious nodes within such a collaborative network are able to generate untruthful signatures and share them with others. This may significantly degrade the effectiveness and efficiency of detection. Recently, blockchain technology has received much attention from both academia and industry, which can provide a verifiable manner for distributed architectures without the need of a trusted intermediary. In this work, our motivation is thus to develop CBSigIDS, a generic framework of collaborative blockchained signature-based IDSs, which utilizes blockchains to help incrementally update a trusted signature database for different IDS nodes in a collaborative network. In the evaluation, our results show that blockchain technology can indeed help enhance the robustness and effectiveness of signature-based IDSs under adversarial scenarios via building a trusted signature database.

Conference

Conference: 11th IEEE International Congress on Conferences on Internet of Things, 14th IEEE International Conference on Green Computing and Communications, 11th IEEE International Conference on Cyber, Physical and Social Computing, 4th IEEE International Conference on Smart Data, 1st IEEE International Conference on Blockchain and 18th IEEE International Conference on Computer and Information Technology, iThings/GreenCom/CPSCom/SmartData/Blockchain/CIT 2018
Country: Canada
City: Halifax
Period: 30/07/2018 to 03/08/2018
Sponsor: IEEE

Keywords

  • Blockchain Technology
  • Collaborative and Distributed Network
  • Generic Framework
  • Insider Attacks
  • Intrusion Detection Systems
  • Signature-based Approach

Cite this

Tug, S., Meng, W., & Wang, Y. (2018). CBSigIDS: Towards Collaborative Blockchained Signature-Based Intrusion Detection. In Proceedings of the IEEE 2018 International Congress on Cybermatics (pp. 1228-1235). [8726642] IEEE. https://doi.org/10.1109/Cybermatics_2018.2018.00217

TY - GEN

T1 - CBSigIDS

T2 - Towards Collaborative Blockchained Signature-Based Intrusion Detection

AU - Tug, Steven

AU - Meng, Weizhi

AU - Wang, Yu

PY - 2018/7/1

Y1 - 2018/7/1

KW - Blockchain Technology

KW - Collaborative and Distributed Network

KW - Generic Framework

KW - Insider Attacks

KW - Intrusion Detection Systems

KW - Signature-based Approach

U2 - 10.1109/Cybermatics_2018.2018.00217

DO - 10.1109/Cybermatics_2018.2018.00217

M3 - Article in proceedings

AN - SCOPUS:85062294162

SP - 1228

EP - 1235

BT - Proceedings of the IEEE 2018 International Congress on Cybermatics

PB - IEEE

ER -
