Towards Securing Challenge-Based Collaborative Intrusion Detection Networks via Message Verification

Wenjuan Li, Weizhi Meng, Yu Wang, Jinguang Han, Jin Li

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

Abstract

With the increasing number of Internet-of-Things (IoT) devices, intrusion detection systems (IDSs) have been widely deployed in a distributed or collaborative setting, in which a collaborative intrusion detection network (CIDN) improves the detection accuracy of a single IDS by enabling IDS nodes to exchange useful information with each other. To protect CIDNs against insider attacks, challenge-based trust mechanisms are one promising solution to detect malicious nodes through sending challenges. However, several studies have revealed that this kind of mechanism is still vulnerable to some advanced insider attacks like passive message fingerprint attack (PMFA). Motivated by this observation, in this work, we focus on enhancing the security of challenge-based CIDNs and propose a compact but efficient message verification approach to defeat such insider attack by inserting a verifying alarm into each normal request. In the evaluation, we investigate the attack performance under both simulated and real network environments. Experimental results demonstrate that our approach can identify malicious nodes under PMFA and decrease their trust values in a quick manner.
Original languageEnglish
Title of host publicationInformation Security Practice and Experience
Publication date2018
Pages313-328
ISBN (Print)9783319998060
DOIs
Publication statusPublished - 2018
Event14th International Conference on Information Security Practice and Experience - Tokyo Campus, University of Tsukuba, Tokyo, Japan
Duration: 25 Sep 201827 Sep 2018
http://www.risk.tsukuba.ac.jp/ispec2018/

Conference

Conference14th International Conference on Information Security Practice and Experience
LocationTokyo Campus, University of Tsukuba
CountryJapan
CityTokyo
Period25/09/201827/09/2018
Internet address
SeriesLecture Notes in Computer Science
Volume11125
ISSN0302-9743

Keywords

  • Computer Science
  • Systems and Data Security
  • Intrusion detection
  • Collaborative network
  • Insider attack
  • Passive message fingerprint attack
  • Challenge-based trust mechanism

Fingerprint Dive into the research topics of 'Towards Securing Challenge-Based Collaborative Intrusion Detection Networks via Message Verification'. Together they form a unique fingerprint.

Cite this