Towards Securing Challenge-Based Collaborative Intrusion Detection Networks via Message Verification

Wenjuan Li, Weizhi Meng, Yu Wang, Jinguang Han, Jin Li

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Abstract

With the increasing number of Internet-of-Things (IoT) devices, intrusion detection systems (IDSs) have been widely deployed in a distributed or collaborative setting, in which a collaborative intrusion detection network (CIDN) improves the detection accuracy of a single IDS by enabling IDS nodes to exchange useful information with each other. To protect CIDNs against insider attacks, challenge-based trust mechanisms are one promising solution to detect malicious nodes through sending challenges. However, several studies have revealed that this kind of mechanism is still vulnerable to some advanced insider attacks like passive message fingerprint attack (PMFA). Motivated by this observation, in this work, we focus on enhancing the security of challenge-based CIDNs and propose a compact but efficient message verification approach to defeat such insider attack by inserting a verifying alarm into each normal request. In the evaluation, we investigate the attack performance under both simulated and real network environments. Experimental results demonstrate that our approach can identify malicious nodes under PMFA and decrease their trust values in a quick manner.
Original language: English
Title of host publication: Information Security Practice and Experience
Publication date: 2018
Pages: 313-328
ISBN (Print): 9783319998060
DOIs: https://doi.org/10.1007/978-3-319-99807-7_19
Publication status: Published - 2018
Event: 14th International Conference on Information Security Practice and Experience - Tokyo Campus, University of Tsukuba, Tokyo, Japan
Duration: 25 Sep 2018 - 27 Sep 2018
http://www.risk.tsukuba.ac.jp/ispec2018/

Conference

Conference: 14th International Conference on Information Security Practice and Experience
Location: Tokyo Campus, University of Tsukuba
Country: Japan
City: Tokyo
Period: 25/09/2018 - 27/09/2018
Series: Lecture Notes in Computer Science
Volume: 11125
ISSN: 0302-9743

Keywords

  • Computer Science
  • Systems and Data Security
  • Intrusion detection
  • Collaborative network
  • Insider attack
  • Passive message fingerprint attack
  • Challenge-based trust mechanism

Cite this

Li, W., Meng, W., Wang, Y., Han, J., & Li, J. (2018). Towards Securing Challenge-Based Collaborative Intrusion Detection Networks via Message Verification. In Information Security Practice and Experience (pp. 313-328). (Lecture Notes in Computer Science, Vol. 11125). https://doi.org/10.1007/978-3-319-99807-7_19
@inproceedings{ca4149bd340b40ba9b84b83f5b0b29f4,
title = "Towards Securing Challenge-Based Collaborative Intrusion Detection Networks via Message Verification",
keywords = "Computer Science, Systems and Data Security, Intrusion detection, Collaborative network, Insider attack, Passive message fingerprint attack, Challenge-based trust mechanism",
author = "Wenjuan Li and Weizhi Meng and Yu Wang and Jinguang Han and Jin Li",
year = "2018",
doi = "10.1007/978-3-319-99807-7_19",
language = "English",
isbn = "9783319998060",
series = "Lecture Notes in Computer Science",
publisher = "Springer",
pages = "313--328",
booktitle = "Information Security Practice and Experience",

}
