Evaluating the impact of intrusion sensitivity on securing collaborative intrusion detection networks against SOOA

David Madsen, Wenjuan Li, Weizhi Meng, Yu Wang*

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Abstract

Cyber attacks are greatly expanding in both size and complexity. To handle this issue, research has been focused on collaborative intrusion detection networks (CIDNs), which can improve the detection accuracy of a single IDS by allowing various nodes to communicate with each other. However, such a collaborative system or network is vulnerable to insider attacks, which can significantly reduce the advantages of a detector. To protect CIDNs against insider attacks, one potential way is to enhance the trust evaluation among IDS nodes, i.e., by emphasizing the impact of expert nodes. In this work, we adopt the notion of intrusion sensitivity that assigns different values of detection capability relating to particular attacks, and evaluate its impact on defending against a special On-Off attack (SOOA). In the evaluation, we investigate the impact of intrusion sensitivity in a simulated CIDN environment, and experimental results demonstrate that the use of intrusion sensitivity can help enhance the security of CIDNs under adversarial scenarios, like SOOA.

Original language: English
Title of host publication: Algorithms and Architectures for Parallel Processing - 18th International Conference, ICA3PP 2018, Proceedings
Publisher: Springer
Publication date: 1 Jan 2018
Pages: 481-494
ISBN (Print): 9783030050627
DOI: https://doi.org/10.1007/978-3-030-05063-4_36
Publication status: Published - 1 Jan 2018
Event: 18th International Conference on Algorithms and Architectures for Parallel Processing - Guangzhou, China
Duration: 15 Nov 2018 → 17 Nov 2018
Conference number: 18

Conference

Conference: 18th International Conference on Algorithms and Architectures for Parallel Processing
Number: 18
Country: China
City: Guangzhou
Period: 15/11/2018 → 17/11/2018
Series: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 11337
ISSN: 0302-9743

Keywords

  • Challenge-based trust mechanism
  • Collaborative network
  • Insider attack
  • Intrusion detection
  • Intrusion sensitivity

Cite this

Madsen, D., Li, W., Meng, W., & Wang, Y. (2018). Evaluating the impact of intrusion sensitivity on securing collaborative intrusion detection networks against SOOA. In Algorithms and Architectures for Parallel Processing - 18th International Conference, ICA3PP 2018, Proceedings (pp. 481-494). Springer. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 11337. https://doi.org/10.1007/978-3-030-05063-4_36
Madsen, David ; Li, Wenjuan ; Meng, Weizhi ; Wang, Yu. / Evaluating the impact of intrusion sensitivity on securing collaborative intrusion detection networks against SOOA. Algorithms and Architectures for Parallel Processing - 18th International Conference, ICA3PP 2018, Proceedings. Springer, 2018. pp. 481-494 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 11337).
@inproceedings{4a05b331b81a433b964b964dee03b9f3,
title = "Evaluating the impact of intrusion sensitivity on securing collaborative intrusion detection networks against SOOA",
abstract = "Cyber attacks are greatly expanding in both size and complexity. To handle this issue, research has been focused on collaborative intrusion detection networks (CIDNs), which can improve the detection accuracy of a single IDS by allowing various nodes to communicate with each other. While such collaborative system or network is vulnerable to insider attacks, which can significantly reduce the advantages of a detector. To protect CIDNs against insider attacks, one potential way is to enhance the trust evaluation among IDS nodes, i.e., by emphasizing the impact of expert nodes. In this work, we adopt the notion of intrusion sensitivity that assigns different values of detection capability relating to particular attacks, and evaluate its impact on defending against a special On-Off attack (SOOA). In the evaluation, we investigate the impact of intrusion sensitivity in a simulated CIDN environment, and experimental results demonstrate that the use of intrusion sensitivity can help enhance the security of CIDNs under adversarial scenarios, like SOOA.",
keywords = "Challenge-based trust mechanism, Collaborative network, Insider attack, Intrusion detection, Intrusion sensitivity",
author = "David Madsen and Wenjuan Li and Weizhi Meng and Yu Wang",
year = "2018",
month = "1",
day = "1",
doi = "10.1007/978-3-030-05063-4_36",
language = "English",
isbn = "9783030050627",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer",
pages = "481--494",
booktitle = "Algorithms and Architectures for Parallel Processing - 18th International Conference, ICA3PP 2018, Proceedings",
}

Madsen, D, Li, W, Meng, W & Wang, Y 2018, Evaluating the impact of intrusion sensitivity on securing collaborative intrusion detection networks against SOOA. in Algorithms and Architectures for Parallel Processing - 18th International Conference, ICA3PP 2018, Proceedings. Springer, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11337, pp. 481-494, 18th International Conference on Algorithms and Architectures for Parallel Processing, Guangzhou, China, 15/11/2018. https://doi.org/10.1007/978-3-030-05063-4_36


TY - GEN
T1 - Evaluating the impact of intrusion sensitivity on securing collaborative intrusion detection networks against SOOA
AU - Madsen, David
AU - Li, Wenjuan
AU - Meng, Weizhi
AU - Wang, Yu
PY - 2018/1/1
Y1 - 2018/1/1
N2 - Cyber attacks are greatly expanding in both size and complexity. To handle this issue, research has been focused on collaborative intrusion detection networks (CIDNs), which can improve the detection accuracy of a single IDS by allowing various nodes to communicate with each other. While such collaborative system or network is vulnerable to insider attacks, which can significantly reduce the advantages of a detector. To protect CIDNs against insider attacks, one potential way is to enhance the trust evaluation among IDS nodes, i.e., by emphasizing the impact of expert nodes. In this work, we adopt the notion of intrusion sensitivity that assigns different values of detection capability relating to particular attacks, and evaluate its impact on defending against a special On-Off attack (SOOA). In the evaluation, we investigate the impact of intrusion sensitivity in a simulated CIDN environment, and experimental results demonstrate that the use of intrusion sensitivity can help enhance the security of CIDNs under adversarial scenarios, like SOOA.
AB - Cyber attacks are greatly expanding in both size and complexity. To handle this issue, research has been focused on collaborative intrusion detection networks (CIDNs), which can improve the detection accuracy of a single IDS by allowing various nodes to communicate with each other. While such collaborative system or network is vulnerable to insider attacks, which can significantly reduce the advantages of a detector. To protect CIDNs against insider attacks, one potential way is to enhance the trust evaluation among IDS nodes, i.e., by emphasizing the impact of expert nodes. In this work, we adopt the notion of intrusion sensitivity that assigns different values of detection capability relating to particular attacks, and evaluate its impact on defending against a special On-Off attack (SOOA). In the evaluation, we investigate the impact of intrusion sensitivity in a simulated CIDN environment, and experimental results demonstrate that the use of intrusion sensitivity can help enhance the security of CIDNs under adversarial scenarios, like SOOA.
KW - Challenge-based trust mechanism
KW - Collaborative network
KW - Insider attack
KW - Intrusion detection
KW - Intrusion sensitivity
UR - http://www.scopus.com/inward/record.url?scp=85058653349&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-05063-4_36
DO - 10.1007/978-3-030-05063-4_36
M3 - Article in proceedings
AN - SCOPUS:85058653349
SN - 9783030050627
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 481
EP - 494
BT - Algorithms and Architectures for Parallel Processing - 18th International Conference, ICA3PP 2018, Proceedings
PB - Springer
ER -

Madsen D, Li W, Meng W, Wang Y. Evaluating the impact of intrusion sensitivity on securing collaborative intrusion detection networks against SOOA. In Algorithms and Architectures for Parallel Processing - 18th International Conference, ICA3PP 2018, Proceedings. Springer. 2018. p. 481-494. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 11337). https://doi.org/10.1007/978-3-030-05063-4_36