DOI: 10.1145/3011077.3011121
research-article

Robust consensus-based network intrusion detection in presence of Byzantine attacks

Published: 08 December 2016

ABSTRACT

Consensus algorithms provide strategies to solve problems in a distributed system with the added constraint that data can only be shared between adjacent computing nodes. We find these algorithms in applications for wireless and sensor networks, spectrum sensing for cognitive radio, and even some IoT services. However, consensus-based applications are not resilient to compromised nodes sending falsified data to their neighbors, i.e. they can be the target of Byzantine attacks. Several solutions have been proposed in the literature, inspired by reputation-based systems, outlier detection or model-based fault detection techniques in process control. We have reviewed some of these solutions, and propose two mitigation techniques to protect the consensus-based Network Intrusion Detection System in [1]. We analyze several implementation issues such as computational overhead, fine tuning of the solution parameters, impacts on the convergence of the consensus phase, and accuracy of the intrusion detection system.
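The failure mode the abstract describes, as an added example that is not code from the paper: neighbor-only averaging with one node that always reports a falsified value, next to a generic trimmed-mean outlier filter. The topology, scores, falsified value and function names are constructed assumptions, and the filter is a standard outlier-trimming rule, not either of the two mitigation techniques the paper proposes (this page does not describe them).

```python
# Constructed 6-node topology (circulant graph, degree 4); node 5 is compromised.
NEIGHBORS = {i: [(i + d) % 6 for d in (1, 2, 4, 5)] for i in range(6)}
HONEST_START = {0: 0.2, 1: 0.4, 2: 0.1, 3: 0.3, 4: 0.5}  # constructed local scores
BYZANTINE, FALSIFIED = 5, 10.0  # node 5 reports 10.0 in every round


def plain_update(own, received, f=0):
    """Unprotected averaging: every received value is trusted."""
    return (own + sum(received)) / (1 + len(received))


def trimmed_update(own, received, f=1):
    """Drop the f largest values above own and the f smallest below own, then average."""
    higher = sorted(v for v in received if v > own)
    lower = sorted(v for v in received if v < own)
    equal = [v for v in received if v == own]
    kept = higher[:max(0, len(higher) - f)] + lower[f:] + equal
    return (own + sum(kept)) / (1 + len(kept))


def run(update, rounds=100, f=1):
    """Synchronous rounds; returns the final state of the honest nodes only."""
    state = dict(HONEST_START)
    for _ in range(rounds):
        # Honest nodes send their current state; the compromised node sends FALSIFIED.
        sent = {**state, BYZANTINE: FALSIFIED}
        state = {i: update(state[i], [sent[j] for j in NEIGHBORS[i]], f)
                 for i in state}
    return state


if __name__ == "__main__":
    for name, rule in (("plain", plain_update), ("trimmed", trimmed_update)):
        print(name, {i: round(v, 4) for i, v in run(rule).items()})
```

With plain averaging every honest node is dragged to the falsified value; with trimming, honest values never leave the range spanned by the honest starting scores, as long as at most `f` neighbors of any node are compromised.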

References

  1. M. Toulouse, B. Q. Minh, and P. Curtis, "A consensus based network intrusion detection system," in IT Convergence and Security (ICITCS), 2015 5th International Conference on. IEEE, 2015, pp. 1–6. [Online]. Available: http://dblp.uni-trier.de/db/conf/icitcs/icitcs2015.html#ToulouseMC15
  2. L. Lamport, R. Shostak, and M. Pease, "The byzantine generals problem," ACM Trans. Program. Lang. Syst., vol. 4, no. 3, pp. 382–401, Jul. 1982.
  3. W. Zeng and M.-Y. Chow, "A reputation-based secure distributed control methodology in D-NCS," IEEE Trans. Industrial Electronics, vol. 61, no. 11, pp. 6294–6303, 2014. [Online]. Available: http://dblp.uni-trier.de/db/journals/tie/tie61.html#ZengC14
  4. Q. Yan, M. Li, T. Jiang, W. Lou, and Y. T. Hou, "Vulnerability and protection for distributed consensus-based spectrum sensing in cognitive radio networks," in INFOCOM, 2012 Proceedings IEEE. IEEE, 2012, pp. 900–908.
  5. R. Isermann, "Model-based fault-detection and diagnosis - status and applications," Annual Reviews in Control, vol. 29, pp. 71–85, 2005.
  6. M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, "A detailed analysis of the kdd cup 99 data set," in Proceedings of the Second IEEE International Conference on Computational Intelligence for Security and Defense Applications, ser. CISDA09. Piscataway, NJ, USA: IEEE Press, 2009, pp. 53–58. [Online]. Available: http://dl.acm.org/citation.cfm?id=1736481.1736489
  7. D. E. Denning, "An intrusion-detection model," Software Engineering - Special issue on computer security and privacy, no. 2, pp. 222–232, 1987.
  8. M. Szmit, S. Adamus, S. Bugala, and A. Szmit, "Implementation of brutlag's algorithm in anomaly detection 3.0," in FedCSIS, 2012, pp. 685–691.
  9. M. V. Mahoney and P. K. Chan, "PHAD: Packet Header Anomaly Detection for Identifying Hostile Network Traffic," Florida Institute of Technology, Tech. Rep. CS-2001-4 2004, 2001.
  10. M. Casenove, "Exfiltrations using polymorphic blending techniques: Analysis and countermeasures," in Cyber Conflict: Architectures in Cyberspace (CyCon), 2015 7th International Conference on. IEEE, 2015, pp. 217–230.
  11. I. Corona, G. Giacinto, and F. Roli, "Adversarial attacks against intrusion detection systems: Taxonomy, solutions and open issues," Information Sciences, vol. 239, pp. 201–225, 2013.
  12. S. R. Snapp, J. Brentano, G. V. Dias, T. L. Goan, L. T. Heberlein, C. L. Ho, K. N. Levitt, B. Mukherjee, S. E. Smaha, T. Grance et al., "Dids (distributed intrusion detection system)-motivation, architecture, and an early prototype," in Proceedings of the 14th national computer security conference, vol. 1. Citeseer, 1991, pp. 167–176.
  13. T. Bass, "Multisensor data fusion for next generation distributed intrusion detection systems," in Proceedings of the IRIS National Symposium on Sensor and Data Fusion, 1999, pp. 24–27.
  14. R. Janakiraman, M. Waldvogel, and Q. Zhang, "Indra: A peer-to-peer approach to network intrusion detection and prevention," in Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003. WET ICE 2003. Proceedings. Twelfth IEEE International Workshops on. IEEE, 2003, pp. 226–231.
  15. C. V. Zhou, S. Karunasekera, and C. Leckie, "A peer-to-peer collaborative intrusion detection system," in 2005 13th IEEE International Conference on Networks Jointly held with the 2005 IEEE 7th Malaysia International Confon Communic, vol. 1, Nov 2005, pp. 118–123.
  16. M. H. Degroot, "Reaching a consensus," Journal of the American Statistical Association, vol. 69, no. 345, pp. 118–121, 1974. [Online]. Available: http://www.jstor.org/stable/2285509
  17. S. Chatterjee and E. Seneta, "Towards consensus: some convergence theorems on repeated averaging," Journal of Applied Probability, vol. 14, no. 01, pp. 89–97, Mar. 1977. [Online]. Available: http://journals.cambridge.org/article_S0021900200104681
  18. M. J. Fischer, N. A. Lynch, and M. S. Paterson, "Impossibility of distributed consensus with one faulty process," J. ACM, vol. 32, no. 2, pp. 374–382, Apr. 1985.
  19. R. Saber and R. Murray, "Consensus protocols for networks of dynamic agents," in American Control Conference, 2003. Proceedings of the 2003, vol. 2, June 2003, pp. 951–956.
  20. A. Nedic and A. Ozdaglar, "Distributed subgradient methods for multi-agent optimization," IEEE Transactions on Automatic Control, vol. 54, no. 1, pp. 48–61, Jan 2009.
  21. I. F. Akyildiz, B. F. Lo, and R. Balakrishnan, "Cooperative spectrum sensing in cognitive radio networks: A survey," Phys. Commun., vol. 4, no. 1, pp. 40–62, Mar. 2011.
  22. G. Xiong and S. Kishore, "Consensus-based distributed detection algorithm in wireless ad hoc networks," in Signal Processing and Communication Systems, 2009. ICSPCS 2009. 3rd International Conference on, Sept 2009, pp. 1–6.
  23. K. Avrachenkov, M. E. Chamie, and G. Neglia, "A local average consensus algorithm for wireless sensor networks," in 2011 International Conference on Distributed Computing in Sensor Systems and Workshops (DCOSS), June 2011, pp. 1–6.
  24. S. Li, G. Oikonomou, T. Tryfonas, T. Chen, and L. Xu, "A distributed consensus algorithm for decision-making in service-oriented internet of things," Transactions on Industrial Informatics, vol. 10, no. 2, pp. 1461–1468, 2014. [Online]. Available: http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6740862
  25. A. Fagiolini, M. Pellinacci, M. Valenti, G. Dini, and A. Bicchi, "Consensus-based distributed intrusion detection for multi-robot systems," in Proc. IEEE Int. Conf. on Robotics and Automation, 2008, pp. 120–127.
  26. H. Tang, F. R. Yu, M. Huang, and Z. Li, "Distributed consensus-based security mechanisms in cognitive radio mobile ad hoc networks," IET Communications, vol. 6, no. 8, pp. 974–983, May 2012.
  27. S. Liu, H. Zhu, S. Li, X. Li, C. Chen, and X. Guan, "An adaptive deviation-tolerant secure scheme for distributed cooperative spectrum sensing," in 2012 IEEE Global Communications Conference, GLOBECOM 2012, Anaheim, CA, USA, December 3–7, 2012, 2012, pp. 603–608.
  28. F. R. Yu, H. Tang, M. Huang, Z. Li, and P. C. Mason, "Defense against spectrum sensing data falsification attacks in mobile ad hoc networks with cognitive radios," in Proceedings of the 28th IEEE Conference on Military Communications, ser. MILCOM'09. Piscataway, NJ, USA: IEEE Press, 2009, pp. 1143–1149. [Online]. Available: http://dl.acm.org/citation.cfm?id=1856821.1856990
  29. F. Pasqualetti, A. Bicchi, and F. Bullo, "Consensus computation in unreliable networks: A system theoretic approach," IEEE Transactions on Automatic Control, vol. 57, no. 1, pp. 90–104, Jan. 2012.
  30. A. Teixeira, H. Sandberg, and K. H. Johansson, "Networked control systems under cyber attacks with applications to power networks," in Proceedings of the 2010 American Control Conference, June 2010, pp. 3690–3696.
  31. B. Kailkhura, S. Brahma, and P. K. Varshney, "Consensus based detection in the presence of data falsification attacks," arXiv preprint arXiv:1504.03413, 2015.
  32. S. Sundaram and C. N. Hadjicostis, "Distributed function calculation via linear iterative strategies in the presence of malicious agents," IEEE Transactions on Automatic Control, vol. 56, no. 7, pp. 1495–1508, July 2011.
  33. S. Mi, H. Han, C. Chen, J. Yan, and X. Guan, "A secure scheme for distributed consensus estimation against data falsification in heterogeneous wireless sensor networks," Sensors, vol. 16, no. 2, p. 252, 2016. [Online]. Available: http://www.mdpi.com/1424-8220/16/2/252
  34. V. P. Illiano and E. C. Lupu, "Detecting malicious data injections in wireless sensor networks: A survey," ACM Comput. Surv., vol. 48, no. 2, pp. 24:1–24:33, Oct. 2015.
  35. J. Chen, J. R. Patton, and H.-Y. Zhang, "Design of unknown input observers and robust fault detection filters," International Journal of Control, vol. 63, no. 1, pp. 85–105, 1996.
  36. F. Pasqualetti, A. Bicchi, and F. Bullo, "Distributed intrusion detection for secure consensus computations," in Decision and Control, 2007 46th IEEE Conference on, Dec 2007, pp. 5594–5599.

Published in

SoICT '16: Proceedings of the 7th Symposium on Information and Communication Technology (ACM Other conferences)
December 2016
442 pages
ISBN: 9781450348157
DOI: 10.1145/3011077

Copyright © 2016 ACM

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States


Acceptance Rates

SoICT '16 Paper Acceptance Rate: 58 of 132 submissions, 44%. Overall Acceptance Rate: 147 of 318 submissions, 46%.
