Enhancing collaborative intrusion detection networks against insider attacks using supervised intrusion sensitivity-based trust management model

Research output: Contribution to journalJournal article – Annual report year: 2017Researchpeer-review

View graph of relations

To defend against complex attacks, collaborative intrusion detection networks (CIDNs) have been developed to enhance the detection accuracy, which enable an IDS to collect information and learn experience from others. However, this kind of networks is vulnerable to malicious nodes which are utilized by insider attacks (e.g., betrayal attacks). In our previous research, we developed a notion of intrusion sensitivity and identified that it can help improve the detection of insider attacks, whereas it is still a challenge for these nodes to automatically assign the values. In this article, we therefore aim to design an intrusion sensitivity-based trust management model that allows each IDS to evaluate the trustworthiness of others by considering their detection sensitivities, and further develop a supervised approach, which employs machine learning techniques to automatically assign the values of intrusion sensitivity based on expert knowledge. In the evaluation, we compare the performance of three different supervised classifiers in assigning sensitivity values and investigate our trust model under different attack scenarios and in a real wireless sensor network. Experimental results indicate that our trust model can enhance the detection accuracy of malicious nodes and achieve better performance as compared with similar models.
Original languageEnglish
JournalJournal of Network and Computer Applications
Volume77
Pages (from-to)135-145
Number of pages11
ISSN1084-8045
DOIs
Publication statusPublished - 2017
CitationsWeb of Science® Times Cited: No match on DOI

    Research areas

  • Intrusion detection, Collaborative network, Intrusion sensitivity, Machine learning, Trust management model, Insider attacks

ID: 127310438