Enhancing challenge-based collaborative intrusion detection networks against insider attacks using blockchain

Weizhi Meng*, Wenjuan Li, Laurence T. Yang, Peng Li

*Corresponding author for this work

Research output: Contribution to journalJournal articleResearchpeer-review

Abstract

Due to the rapid growth of computer networks, intrusions have become more complicated and devastating. As an important solution, collaborative intrusion detection networks or systems (CIDNs or CIDSs) are considered and adopted by many organizations to identify cyberattacks. Insider attack is one major threat to such defensive mechanisms. In the literature, challenge-based trust management scheme can help safeguard CIDNs against insider attacks. However, previous studies identified that challenge-based CIDNs may still suffer from advanced insider attacks, like passive message fingerprint attack (PMFA). Motivated by the recent blockchain research, in this work, we propose a blockchain-based approach to help enhance the robustness of challenge-based CIDNs against advanced insider attacks like PMFA, through integrating a type of blockchain-based trust. In the evaluation, we examine our approach in both simulated and real network environments. The results demonstrate that our approach is effective in defeating advanced insider attacks like PMFA and enhancing the robustness of challenge-based CIDNs, as compared with the original scheme.

Original languageEnglish
JournalInternational Journal of Information Security
Number of pages12
ISSN1615-5262
DOIs
Publication statusPublished - 1 Jan 2019

Keywords

  • Blockchain technology
  • Challenge-based mechanism
  • Collaborative intrusion detection
  • Insider attack
  • Trust management

Fingerprint

Dive into the research topics of 'Enhancing challenge-based collaborative intrusion detection networks against insider attacks using blockchain'. Together they form a unique fingerprint.

Cite this