TY - GEN
T1 - A Blockchain Approach to Identifying Compromised Nodes in Collaborative Intrusion Detection Systems
AU - Yenugunti, Chandralekha
AU - Yau, Stephen S.
N1 - Publisher Copyright: © 2020 IEEE.
PY - 2020/8
Y1 - 2020/8
N2 - Large organizations have multiple networks that are subject to attacks which can be detected by Intrusion Detection Systems. Collaborative Intrusion Detection Systems (CIDS) are used for efficient detection of distributed attacks in large networks by having a global view of the attacks in the networks. However, CIDS are vulnerable to various attacks, which compromise some of the nodes of CIDS. The major challenge caused by these attacks on CIDS is due to insider attacks. These insider attacks decrease the mutual trust among the nodes in CIDS, which is required for sharing critical and sensitive alert data. The compromised nodes will further decrease the accuracy of CIDS by generating false positives and false negatives of the traffic classifications. In this paper, an approach based on trust score system is presented to identify and suspend the compromised nodes in CIDS to improve the trust among the nodes for collaboration. This approach is implemented on a private blockchain because private blockchain provides the features to satisfy the accountability, integrity and privacy requirements of CIDS.
AB - Large organizations have multiple networks that are subject to attacks which can be detected by Intrusion Detection Systems. Collaborative Intrusion Detection Systems (CIDS) are used for efficient detection of distributed attacks in large networks by having a global view of the attacks in the networks. However, CIDS are vulnerable to various attacks, which compromise some of the nodes of CIDS. The major challenge caused by these attacks on CIDS is due to insider attacks. These insider attacks decrease the mutual trust among the nodes in CIDS, which is required for sharing critical and sensitive alert data. The compromised nodes will further decrease the accuracy of CIDS by generating false positives and false negatives of the traffic classifications. In this paper, an approach based on trust score system is presented to identify and suspend the compromised nodes in CIDS to improve the trust among the nodes for collaboration. This approach is implemented on a private blockchain because private blockchain provides the features to satisfy the accountability, integrity and privacy requirements of CIDS.
KW - collaborative intrusion detection systems
KW - insider attacks
KW - private blockchain
KW - trust score
UR - http://www.scopus.com/inward/record.url?scp=85097651180&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85097651180&partnerID=8YFLogxK
U2 - 10.1109/DASC-PICom-CBDCom-CyberSciTech49142.2020.00029
DO - 10.1109/DASC-PICom-CBDCom-CyberSciTech49142.2020.00029
M3 - Conference contribution
AN - SCOPUS:85097651180
T3 - Proceedings - IEEE 18th International Conference on Dependable, Autonomic and Secure Computing, IEEE 18th International Conference on Pervasive Intelligence and Computing, IEEE 6th International Conference on Cloud and Big Data Computing and IEEE 5th Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2020
SP - 87
EP - 93
BT - Proceedings - IEEE 18th International Conference on Dependable, Autonomic and Secure Computing, IEEE 18th International Conference on Pervasive Intelligence and Computing, IEEE 6th International Conference on Cloud and Big Data Computing and IEEE 5th Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2020
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 18th IEEE International Conference on Dependable, Autonomic and Secure Computing, 18th IEEE International Conference on Pervasive Intelligence and Computing, 6th IEEE International Conference on Cloud and Big Data Computing and 5th IEEE Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2020
Y2 - 17 August 2020 through 24 August 2020
ER -