TY - JOUR
T1 - BlockCSDN: Towards Blockchain-Based Collaborative Intrusion Detection in Software Defined Networking
AU - Li, Wenjuan
AU - Wang, Yu
AU - Meng, Weizhi
AU - Li, Jin
AU - Su, Chunhua
N1 - Funding Information:
This work was partially supported by National Natural Science Foundation of China (No. 61802077).
Publisher Copyright:
© 2022 The Institute of Electronics, Information and Communication Engineers.
PY - 2022/2
Y1 - 2022/2
N2 - To safeguard critical services and assets in a distributed environment, collaborative intrusion detection systems (CIDSs) are usually adopted to share necessary data and information among various nodes, and enhance the detection capability. For simplifying the network management, software defined networking (SDN) is an emerging platform that decouples the controller plane from the data plane. Intuitively, SDN can help lighten the management complexity in CIDSs, and a CIDS can protect the security of SDN. In practical implementation, trust management is an important approach to help identify insider attacks (or malicious nodes) in CIDSs, but the challenge is how to ensure the data integrity when evaluating the reputation of a node. Motivated by the recent development of blockchain technology, in this work, we design BlockCSDN - a framework of blockchain-based collaborative intrusion detection in SDN, and take the challenge-based CIDS as a study. The experimental results under both external and internal attacks indicate that using blockchain technology can benefit the robustness and security of CIDSs and SDN.
AB - To safeguard critical services and assets in a distributed environment, collaborative intrusion detection systems (CIDSs) are usually adopted to share necessary data and information among various nodes, and enhance the detection capability. For simplifying the network management, software defined networking (SDN) is an emerging platform that decouples the controller plane from the data plane. Intuitively, SDN can help lighten the management complexity in CIDSs, and a CIDS can protect the security of SDN. In practical implementation, trust management is an important approach to help identify insider attacks (or malicious nodes) in CIDSs, but the challenge is how to ensure the data integrity when evaluating the reputation of a node. Motivated by the recent development of blockchain technology, in this work, we design BlockCSDN - a framework of blockchain-based collaborative intrusion detection in SDN, and take the challenge-based CIDS as a study. The experimental results under both external and internal attacks indicate that using blockchain technology can benefit the robustness and security of CIDSs and SDN.
KW - Blockchain technology
KW - Challenge-based trust management
KW - Collaborative intrusion detection
KW - Insider attack
KW - Software defined networking
UR - http://www.scopus.com/inward/record.url?scp=85124654139&partnerID=8YFLogxK
UR - https://www.jstage.jst.go.jp/article/transinf/E105.D/2/E105.D_2021BCP0013/_pdf
U2 - 10.1587/transinf.2021BCP0013
DO - 10.1587/transinf.2021BCP0013
M3 - Journal article
AN - SCOPUS:85124654139
SN - 0916-8532
VL - 105
SP - 272
EP - 279
JO - IEICE Transactions on Information and Systems
JF - IEICE Transactions on Information and Systems
IS - 2
ER -