SOOA: Exploring Special On-Off Attacks on Challenge-Based Collaborative Intrusion Detection Networks

Wenjuan  Li; Weizhi Meng; Lam-For  Kwok

doi:10.1007/978-3-319-57186-7_30

SOOA: Exploring Special On-Off Attacks on Challenge-Based Collaborative Intrusion Detection Networks

Wenjuan Li, Weizhi Meng, Lam-For Kwok

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Abstract

The development of collaborative intrusion detection networks (CIDNs) aims to enhance the performance of a single intrusion detection system (IDS), through communicating and collecting information from other IDS nodes. To defend CIDNs against insider attacks, trust-based mechanisms are crucial for evaluating the trustworthiness of a node. In the literature, challenge-based trust mechanisms are well established to identify malicious nodes by identifying the deviation between challenges and responses. However, such mechanisms rely on two major assumptions, which may result in a weak threat model and render CIDNs still vulnerable to advanced insider attacks in a practical deployment. In this paper, our motivation is to investigate the effect of On-Off attacks on challenge-based CIDNs. In particular, as a study, we explore a special On-Off attack (called SOOA), which can keep responding normally to one node while acting abnormally to another node. In the evaluation, we explore the attack performance under simulated CIDN environments. Experimental results indicate that our attack can interfere the effectiveness of trust computation for CIDN nodes.

Original language	English
Title of host publication	Green, Pervasive, and Cloud Computing
Volume	10232
Publisher	Springer
Publication date	2017
Pages	402-415
ISBN (Print)	9783319571850
DOIs	https://doi.org/10.1007/978-3-319-57186-7_30
Publication status	Published - 2017
Event	The 12th International Conference on Green, Pervasive and Cloud Computing - Cetus Hotel, Cetara, Amalfi Coast, Italy Duration: 11 May 2017 → 14 May 2017

Conference

Conference	The 12th International Conference on Green, Pervasive and Cloud Computing
Location	Cetus Hotel
Country	Italy
City	Cetara, Amalfi Coast
Period	11/05/2017 → 14/05/2017

Series	Lecture Notes in Computer Science
Volume	10232
ISSN	0302-9743

Keywords

Computer Science
Computer Communication Networks
Information Systems Applications (incl. Internet)
Software Engineering
Information Storage and Retrieval
Algorithm Analysis and Problem Complexity
Artificial Intelligence (incl. Robotics)
Intrusion Detection System
Collaborative network
On-off attacks
Challenge-based CIDN
Trust management

Access to Document

10.1007/978-3-319-57186-7_30

Fingerprint Dive into the research topics of 'SOOA: Exploring Special On-Off Attacks on Challenge-Based Collaborative Intrusion Detection Networks'. Together they form a unique fingerprint.

Cite this

@inproceedings{9d0119554569408a8486d5322b0ddf53,

title = "SOOA: Exploring Special On-Off Attacks on Challenge-Based Collaborative Intrusion Detection Networks",

abstract = "The development of collaborative intrusion detection networks (CIDNs) aims to enhance the performance of a single intrusion detection system (IDS), through communicating and collecting information from other IDS nodes. To defend CIDNs against insider attacks, trust-based mechanisms are crucial for evaluating the trustworthiness of a node. In the literature, challenge-based trust mechanisms are well established to identify malicious nodes by identifying the deviation between challenges and responses. However, such mechanisms rely on two major assumptions, which may result in a weak threat model and render CIDNs still vulnerable to advanced insider attacks in a practical deployment. In this paper, our motivation is to investigate the effect of On-Off attacks on challenge-based CIDNs. In particular, as a study, we explore a special On-Off attack (called SOOA), which can keep responding normally to one node while acting abnormally to another node. In the evaluation, we explore the attack performance under simulated CIDN environments. Experimental results indicate that our attack can interfere the effectiveness of trust computation for CIDN nodes.",

keywords = "Computer Science, Computer Communication Networks, Information Systems Applications (incl. Internet), Software Engineering, Information Storage and Retrieval, Algorithm Analysis and Problem Complexity, Artificial Intelligence (incl. Robotics), Intrusion Detection System, Collaborative network, On-off attacks, Challenge-based CIDN, Trust management",

author = "Wenjuan Li and Weizhi Meng and Lam-For Kwok",

year = "2017",

doi = "10.1007/978-3-319-57186-7_30",

language = "English",

isbn = "9783319571850",

volume = "10232",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "402--415",

booktitle = "Green, Pervasive, and Cloud Computing",

note = "The 12th International Conference on Green, Pervasive and Cloud Computing, GPC 2017 ; Conference date: 11-05-2017 Through 14-05-2017",

}

Li, W, Meng, W & Kwok, L-F 2017, SOOA: Exploring Special On-Off Attacks on Challenge-Based Collaborative Intrusion Detection Networks. in Green, Pervasive, and Cloud Computing . vol. 10232, Springer, Lecture Notes in Computer Science, vol. 10232, pp. 402-415, The 12th International Conference on Green, Pervasive and Cloud Computing, Cetara, Amalfi Coast, Italy, 11/05/2017. https://doi.org/10.1007/978-3-319-57186-7_30

SOOA: Exploring Special On-Off Attacks on Challenge-Based Collaborative Intrusion Detection Networks. / Li, Wenjuan ; Meng, Weizhi; Kwok, Lam-For .

Green, Pervasive, and Cloud Computing . Vol. 10232 Springer, 2017. p. 402-415 (Lecture Notes in Computer Science, Vol. 10232).

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

TY - GEN

T1 - SOOA: Exploring Special On-Off Attacks on Challenge-Based Collaborative Intrusion Detection Networks

AU - Li, Wenjuan

AU - Meng, Weizhi

AU - Kwok, Lam-For

PY - 2017

Y1 - 2017

N2 - The development of collaborative intrusion detection networks (CIDNs) aims to enhance the performance of a single intrusion detection system (IDS), through communicating and collecting information from other IDS nodes. To defend CIDNs against insider attacks, trust-based mechanisms are crucial for evaluating the trustworthiness of a node. In the literature, challenge-based trust mechanisms are well established to identify malicious nodes by identifying the deviation between challenges and responses. However, such mechanisms rely on two major assumptions, which may result in a weak threat model and render CIDNs still vulnerable to advanced insider attacks in a practical deployment. In this paper, our motivation is to investigate the effect of On-Off attacks on challenge-based CIDNs. In particular, as a study, we explore a special On-Off attack (called SOOA), which can keep responding normally to one node while acting abnormally to another node. In the evaluation, we explore the attack performance under simulated CIDN environments. Experimental results indicate that our attack can interfere the effectiveness of trust computation for CIDN nodes.

AB - The development of collaborative intrusion detection networks (CIDNs) aims to enhance the performance of a single intrusion detection system (IDS), through communicating and collecting information from other IDS nodes. To defend CIDNs against insider attacks, trust-based mechanisms are crucial for evaluating the trustworthiness of a node. In the literature, challenge-based trust mechanisms are well established to identify malicious nodes by identifying the deviation between challenges and responses. However, such mechanisms rely on two major assumptions, which may result in a weak threat model and render CIDNs still vulnerable to advanced insider attacks in a practical deployment. In this paper, our motivation is to investigate the effect of On-Off attacks on challenge-based CIDNs. In particular, as a study, we explore a special On-Off attack (called SOOA), which can keep responding normally to one node while acting abnormally to another node. In the evaluation, we explore the attack performance under simulated CIDN environments. Experimental results indicate that our attack can interfere the effectiveness of trust computation for CIDN nodes.

KW - Computer Science

KW - Computer Communication Networks

KW - Information Systems Applications (incl. Internet)

KW - Software Engineering

KW - Information Storage and Retrieval

KW - Algorithm Analysis and Problem Complexity

KW - Artificial Intelligence (incl. Robotics)

KW - Intrusion Detection System

KW - Collaborative network

KW - On-off attacks

KW - Challenge-based CIDN

KW - Trust management

U2 - 10.1007/978-3-319-57186-7_30

DO - 10.1007/978-3-319-57186-7_30

M3 - Article in proceedings

SN - 9783319571850

VL - 10232

T3 - Lecture Notes in Computer Science

SP - 402

EP - 415

BT - Green, Pervasive, and Cloud Computing

PB - Springer

T2 - The 12th International Conference on Green, Pervasive and Cloud Computing

Y2 - 11 May 2017 through 14 May 2017

ER -