Published in: Annals of Telecommunications 9-10/2019

19.07.2019

Multi-cloud cooperative intrusion detection system: trust and fairness assurance

Written by: Adel Abusitta, Martine Bellaiche, Michel Dagenais


Abstract

The sophistication of recent cloud computing systems has made them more vulnerable to intelligent cyber attacks. Moreover, it is becoming very difficult for a single intrusion detection system (IDS) to detect all existing attacks, due to limited knowledge about such attacks’ patterns and implications. Recent works in cloud security have shown that cooperation among cloud-based IDSs can enhance their accuracy. However, there are two main challenges associated with the existing cooperative IDSs, which are related to trust and fairness assurance. To tackle these challenges, we propose in this paper a cooperative cloud-based IDS framework that (1) enables IDSs to distributively form trustworthy IDS communities by advancing a trust-based hedonic coalitional game, which allows IDSs to increase their individual detection accuracy in the presence of untrusted IDSs, and (2) formulates a fairness assurance mechanism as a Stackelberg game between the well-behaving IDSs and the selfish ones that frequently send consultation requests to other IDSs and at the same time do not answer other IDSs’ consultation requests. Experimental results show the effectiveness of the proposed approach in terms of enhancing the accuracy of detection and achieving fairness among IDSs in terms of benefits obtained through cooperation.


Metadata
Title
Multi-cloud cooperative intrusion detection system: trust and fairness assurance
Written by
Adel Abusitta
Martine Bellaiche
Michel Dagenais
Publication date
19.07.2019
Publisher
Springer International Publishing
Published in
Annals of Telecommunications / Issue 9-10/2019
Print ISSN: 0003-4347
Electronic ISSN: 1958-9395
DOI
https://doi.org/10.1007/s12243-019-00724-8
