A Framework of Blockchain-Based Collaborative Intrusion Detection in Software Defined Networking

Wenjuan Li, Jiao Tan, Yu Wang

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

3 Citations (Scopus)

Abstract

To protect network assets from various cyber intrusions and fit the distributed environments like Internet of Things (IoTs), collaborative intrusion detection systems (CIDSs) are widely implemented allowing each detection node to exchange required data and information. This aims to improve the detection performance against some complicated attacks. In recent years, software defined networking (SDN) is developing rapidly, which can simplify the network complexity by separating the controller plane from the forwarding plane. In this way, the controller can manage the whole network without knowing the underlying structure and devices. To identify underlying malicious nodes or devices, CIDSs are still an important solution to secure SDN, but might be vulnerable to insider threats, in which an attacker can behave maliciously insider the network. In this work, we focus on this issue and advocate the merit on combining trust management and blockchain technology. Trust management can help evaluate the trustworthiness of each node, and blockchain technology can allow communication without a trusted party while ensuring the integrity of shared data. We then introduce a general framework of blockchain-based collaborative intrusion detection in SDN. In the study, we take challenge-based CIDS as a case, and evaluate our framework performance under both external and internal attacks. Our results indicate the viability and effectiveness of our framework.

Original languageEnglish
Title of host publicationNetwork and System Security - 14th International Conference, NSS 2020, Proceedings
EditorsMirosław Kutyłowski, Jun Zhang, Chao Chen
PublisherSpringer Science and Business Media Deutschland GmbH
Pages261-276
Number of pages16
ISBN (Print)9783030657444
DOIs
Publication statusPublished - 2020
Externally publishedYes
Event14th International Conference on Network and System Security, NSS 2020 - Melbourne, Australia
Duration: 25 Nov 202027 Nov 2020

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume12570 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference14th International Conference on Network and System Security, NSS 2020
Country/TerritoryAustralia
CityMelbourne
Period25/11/2027/11/20

Keywords

  • Blockchain technology
  • Collaborative intrusion detection
  • Insider attack
  • Software defined networking
  • Trust management

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this