nach oben

Erschienen in:

2019 | OriginalPaper | Buchkapitel

Towards Blockchained Challenge-Based Collaborative Intrusion Detection

verfasst von : Wenjuan Li, Yu Wang, Jin Li, Man Ho Au

Erschienen in: Applied Cryptography and Network Security Workshops

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

To protect distributed network resources and assets, collaborative intrusion detection systems/networks (CIDSs/CIDNs) have been widely deployed in various organizations with the purpose of detecting any potential threats. While such systems and networks are usually vulnerable to insider attacks, some kinds of trust mechanisms should be integrated in a real-world application. Challenge-based trust mechanisms are one promising solution, which can measure the trustworthiness of a node by sending challenges to other nodes. In the literature, challenge-based CIDNs have proven to be robust against common insider attacks, but it may still be susceptible to advanced insider attacks. How to further improve the robustness of challenge-based CIDNs remains an issue. Motivated by the recently rapid development of blockchains, in this work, we aim to combine these two and provide a blockchained challenge-based CIDN framework. Our evaluation shows that blockchain technology has the potential to enhance the robustness of challenge-based CIDNs in the aspects of trust management (i.e., enhancing the detection of insider nodes) and alarm aggregation (i.e., identifying untruthful inputs).

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel SIEM-IoT: A Blockchain-Based and Distributed SIEM for the Internet of Things

Nächstes Kapitel Enhancement to the Privacy-Aware Authentication for Wi-Fi Based Indoor Positioning Systems

Alexopoulos, N., Vasilomanolakis, E., Ivánkó, N.R., Mühlhäuser, M.: Towards blockchain-based collaborative intrusion detection systems. In: D’Agostino, G., Scala, A. (eds.) CRITIS 2017. LNCS, vol. 10707, pp. 107–118. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-99843-5_10CrossRef

Amazon Managed Blockchain: Easily create and manage scalable blockchain networks. https://aws.amazon.com/managed-blockchain/. Accessed 10 Apr 2019

Badertscher, C., Gazi, P., Kiayias, A., Russell, A., Zikas, V.: Ouroboros genesis: composable proof-of-stake blockchains with dynamic availability. In: Proceedings of ACM Conference on Computer and Communications Security (CCS), pp. 913–930 (2018)

Daian, P., Pass, R., Shi, E.: Snow white: robustly reconfigurable consensus and applications to provably secure proofs of stake. In: Financial Cryptography and Data Security (FC) (2019)

Duma, C., Karresand, M., Shahmehri, N., Caronni, G.: A trust-aware, P2P-based overlay for intrusion detection. In: DEXA Workshop, pp. 692–697 (2006)

Fadlullah, Z.M., Taleb, T., Vasilakos, A.V., Guizani, M., Kato, N.: DTRAB: combating against attacks on encrypted protocols through traffic-feature analysis. IEEE/ACM Trans. Netw. 18(4), 1234–1247 (2010)CrossRef

Friedberg, I., Skopik, F., Settanni, G., Fiedler, R.: Combating advanced persistent threats: from network event correlation to incident detection. Comput. Secur. 48, 35–47 (2015)CrossRef

Fung, C.J., Baysal, O., Zhang, J., Aib, I., Boutaba, R.: Trust management for host-based collaborative intrusion detection. In: De Turck, F., Kellerer, W., Kormentzas, G. (eds.) DSOM 2008. LNCS, vol. 5273, pp. 109–122. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-87353-2_9CrossRef

Fung, C.J., Zhu, Q., Boutaba, R., Basar, T.: Bayesian decision aggregation in collaborative intrusion detection networks. In: NOMS, pp. 349–356 (2010)

10.

Almost half of companies still can’t detect IoT device breaches, reveals Gemalto study. https://www.gemalto.com/press/Pages/Almost-half-of-companies-still-can-t-detect-IoT-device-breaches-reveals-Gemalto-study.aspx. Accessed 10 Apr 2019

11.

Leading the IoT: Gartner Insights on How to Lead in a Connected World. https://www.gartner.com/imagesrv/books/iot/iotEbook_digital.pdf. Accessed 22 Mar 2019

12.

Gartner Identifies Top 10 Strategic IoT Technologies and Trends. https://www.gartner.com/en/newsroom/press-releases/2018-11-07-gartner-identifies-top-10-strategic-iot-technologies-and-trends. Accessed 22 Mar 2019

13.

Golomb, T., Mirsky, Y., Elovici, Y.: CIoTA: Collaborative IoT Anomaly detection via blockchain. In: Proceedings of Workshop on Decentralized IoT Security and Standards (DISS), pp. 1–6 (2018)

14.

Huebsch, R., et al.: The architecture of PIER: an internet-scale query processor. In: Proceedings of the 2005 Conference on Innovative Data Systems Research (CIDR), pp. 28–43 (2005)

15.

Hyperledger C Open Source Blockchain Technologies. https://www.hyperledger.org/

16.

Kiffer, L., Rajaraman, R., Shelat, A.: A better method to analyze blockchain consistency. In: Proceedings of ACM Conference on Computer and Communications Security (CCS), pp. 729–744 (2018)

17.

Lei, A., Cruickshank, H.S., Cao, Y., Asuquo, P.M., Ogah, C.P.A., Sun, Z.: Blockchain-based dynamic key management for heterogeneous intelligent transportation systems. IEEE Internet Things J. 4(6), 1832–1843 (2017)CrossRef

18.

Li, Z., Chen, Y., Beach, A.: Towards scalable and robust distributed intrusion alert fusion with good load balancing. In: Proceedings of the 2006 SIGCOMM Workshop on Large-Scale Attack Defense (LSAD), pp. 115–122 (2006)

19.

Li, W., Meng, Y., Kwok, L.-F.: Enhancing trust evaluation using intrusion sensitivity in collaborative intrusion detection networks: feasibility and challenges. In: Proceedings of the 9th International Conference on Computational Intelligence and Security (CIS), pp. 518–522. IEEE (2013)

20.

Li, W., Meng, W., Kwok, L.-F.: Design of intrusion sensitivity-based trust management model for collaborative intrusion detection networks. In: Zhou, J., Gal-Oz, N., Zhang, J., Gudes, E. (eds.) IFIPTM 2014. IAICT, vol. 430, pp. 61–76. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43813-8_5CrossRef

21.

Li, W., Meng, W.: Enhancing collaborative intrusion detection networks using intrusion sensitivity in detecting pollution attacks. Inf. Comput. Secur. 24(3), 265–276 (2016)MathSciNetCrossRef

22.

Li, L., et al.: CreditCoin: a privacy-preserving blockchain-based incentive announcement network for communications of smart vehicles. IEEE Trans. Intell. Transp. Syst. 19(7), 2204–2220 (2018)CrossRef

23.

Li, W., Meng, W., Kwok, L.-F., Ip, H.H.S.: PMFA: toward passive message fingerprint attacks on challenge-based collaborative intrusion detection networks. In: Chen, J., Piuri, V., Su, C., Yung, M. (eds.) NSS 2016. LNCS, vol. 9955, pp. 433–449. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-46298-1_28CrossRef

24.

Li, W., Meng, W., Kwok, L.-F.: SOOA: exploring special on-off attacks on challenge-based collaborative intrusion detection networks. In: Au, M.H.A., Castiglione, A., Choo, K.-K.R., Palmieri, F., Li, K.-C. (eds.) GPC 2017. LNCS, vol. 10232, pp. 402–415. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-57186-7_30CrossRef

25.

Li, W., Meng, W., Kwok, L.-F.: Investigating the influence of special on-off attacks on challenge-based collaborative intrusion detection networks. Future Internet 10(1), 1–16 (2018)CrossRef

26.

Li, W., Tug, S., Meng, W., Wang, Y.: Designing collaborative blockchained signature-based intrusion detection in IoT environments. Future Gener. Comput. Syst. 96, 481–489 (2019)CrossRef

27.

Li, W., Kwok, L.-F.: Challenge-based collaborative intrusion detection networks under passive message fingerprint attack: a further analysis. J. Inf. Secur. Appl. 47, 1–7 (2019)

28.

Makhdoom, I., Abolhasan, M., Abbas, H., Ni, W.: Blockchain’s adoption in IoT: the challenges, and a way forward. J. Netw. Comput. Appl. 125, 251–279 (2019)CrossRef

29.

Marr, B.: 5 Blockchain Trends Everyone Should Know About. https://www.forbes.com/sites/bernardmarr/2019/01/28/5-blockchain-trends-everyone-should-know-about/#30c1ab523bb9. Accessed 10 Apr 2019

30.

Meng, Y., Kwok, L.F.: Enhancing false alarm reduction using voted ensemble selection in intrusion detection. Int. J. Comput. Intell. Syst. 6(4), 626–638 (2013)CrossRef

31.

Meng, Y., Li, W., Kwok, L.F.: Towards adaptive character frequency-based exclusive signature matching scheme and its applications in distributed intrusion detection. Comput. Netw. 57(17), 3630–3640 (2013)CrossRef

32.

Meng, W., Li, W., Kwok, L.-F.: An evaluation of single character frequency-based exclusive signature matching in distinct IDS environments. In: Chow, S.S.M., Camenisch, J., Hui, L.C.K., Yiu, S.M. (eds.) ISC 2014. LNCS, vol. 8783, pp. 465–476. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-13257-0_29CrossRef

33.

Meng, W., Li, W., Kwok, L.-F.: EFM: enhancing the performance of signature-based network intrusion detection systems using enhanced filter mechanism. Comput. Secur. 43, 189–204 (2014)CrossRef

34.

Meng, W., Li, W., Kwok, L.-F.: Design of intelligent KNN-based alarm filter using knowledge-based alert verification in intrusion detection. Secur. Commun. Netw. 8(18), 3883–3895 (2015)CrossRef

35.

Meng, W., Luo, X., Li, W., Li, Y.: Design and evaluation of advanced collusion attacks on collaborative intrusion detection networks in practice. In: Proceedings of the 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2016), pp. 1061–1068 (2016)

36.

Meng, W., Li, W., Xiang, Y., Choo, K.K.R.: A Bayesian inference-based detection mechanism to defend medical smartphone networks against insider attacks. J. Netw. Comput. Appl. 78, 162–169 (2017)CrossRef

37.

Meng, W., Li, W., Kwok, L.-F.: Towards effective trust-based packet filtering in collaborative network environments. IEEE Trans. Netw. Serv. Manag. 14(1), 233–245 (2017)CrossRef

38.

Meng, W., Tischhauser, E.W., Wang, Q., Wang, Y., Han, J.: When intrusion detection meets blockchain technology: a review. IEEE Access 6(1), 10179–10188 (2018)CrossRef

39.

Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008). http://bitcoin.org/bitcoin.pdf

40.

Orcutt, M.: How secure is blockchain really? https://www.technologyreview.com/s/610836/how-secure-is-blockchain-really/. Accessed 22 Mar 2019

41.

Papadopoulos, C., Lindell, R., Mehringer, J., Hussain, A., Govindan, R.: COSSACK: coordinated suppression of simultaneous attacks. In: Proceedings of the 2003 DARPA Information Survivability Conference and Exposition (DISCEX), pp. 94–96 (2003)

42.

Pass, R., Shi, E.: Thunderella: blockchains with optimistic instant confirmation. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 3–33. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_1CrossRef

43.

Porras, P.A., Neumann, P.G.: EMERALD: event monitoring enabling responses to anomalous live disturbances. In: Proceedings of the 20th National Information Systems Security Conference, pp. 353–365 (1997)

44.

Roesch, M.: Snort: lightweight intrusion detection for networks. In: Proceedings of USENIX Lisa Conference, pp. 229–238 (1999)

45.

Scarfone, K., Mell, P.: Guide to intrusion detection and prevention systems (IDPS). NIST Special Publication 800-94 (2007)

46.

Snapp, S.R., et al.: DIDS (distributed intrusion detection system) - motivation, architecture, and an early prototype. In: Proceedings of the 14th National Computer Security Conference, pp. 167–176 (1991)

47.

Sharma, V.: An energy-efficient transaction model for the blockchain-enabled internet of vehicles (IoV). IEEE Commun. Lett. 23(2), 246–249 (2019)CrossRef

48.

Singh, S., Ra, I.H., Meng, W., Kaur, M., Cho, G.H.: SH-BlockCC: a secure and efficient IoT smart home architecture based on cloud computing and blockchain technology. Int. J. Distrib. Sens. Netw. (in press). SAGE

49.

Snort: An an open source network intrusion prevention and detection system (IDS/IPS). http://www.snort.org/

50.

Steichen, M., Hommes, S., State, R.: ChainGuard - a firewall for blockchain applications using SDN with OpenFlow. In: Proceedings of International Conference on Principles, Systems and Applications of IP Telecommunications (IPTComm), pp. 1–8 (2017)

51.

Symantec 2019 Internet Security Threat Report. https://www.symantec.com/security-center/threat-report. Accessed 22 Mar 2019

52.

Tug, S., Meng, W., Wang, Y.: CBSigIDS: towards collaborative blockchained signature-based intrusion detection. In: Proceedings of The 1st IEEE International Conference on Blockchain (Blockchain) (2018)

53.

Tuan, T.A.: A game-theoretic analysis of trust management in P2P systems. In: Proceedings of ICCE, pp. 130–134 (2006)

54.

Vasilomanolakis, E., Karuppayah, S., Muhlhauser, M., Fischer, M.: Taxonomy and survey of collaborative intrusion detection. ACM Comput. Surv. 47(4), 55:1–55:33 (2015)CrossRef

55.

Vigna, G., Kemmerer, R.A.: NetSTAT: a network-based intrusion detection approach. In: Proceedings of Annual Computer Security Applications Conference (ACSAC), pp. 25–34 (1998)

56.

Wan, C., et al.: Goshawk: a novel efficient, robust and flexible blockchain protocol. In: Guo, F., Huang, X., Yung, M. (eds.) Inscrypt 2018. LNCS, vol. 11449, pp. 49–69. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-14234-6_3CrossRef

57.

Wang, Y., Meng, W., Li, W., Liu, Z., Liu, Y., Xue, H.: Adaptive machine learning-based alarm reduction via edge computing for distributed intrusion detection systems. Concurr. Comput. Pract. Exp. (2019). https://doi.org/10.1002/cpe.5101

58.

Wood, G.: Ethereum: a secure decentralised generalised transaction ledger. EIP-150 Revision (2016)

59.

Wu, Y.-S., Foo, B., Mei, Y., Bagchi, S.: Collaborative intrusion detection system (CIDS): a framework for accurate and efficient IDS. In: Proceedings of the 2003 Annual Computer Security Applications Conference (ACSAC), pp. 234–244 (2003)

60.

Wüst, K., Gervais, A.: Do you need a blockchain? In: CVCBT, pp. 45–54 (2018)

61.

Yegneswaran, V., Barford, P., Jha, S.: Global Intrusion Detection in the DOMINO Overlay System. In: Proceedings of the 2004 Network and Distributed System Security Symposium (NDSS), pp. 1–17 (2004)

62.

The Zeek Network Security Monitor. https://www.zeek.org/

Titel: Towards Blockchained Challenge-Based Collaborative Intrusion Detection
verfasst von: Wenjuan Li
Yu Wang
Jin Li
Man Ho Au
Verlag: Springer International Publishing
Buch: Applied Cryptography and Network Security Workshops
Print ISBN: 978-3-030-29728-2

Electronic ISBN: 978-3-030-29729-9

Copyright-Jahr: 2019
DOI: https://doi.org/10.1007/978-3-030-29729-9_7

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"