Design of intrusion sensitivity-based trust management model for collaborative intrusion detection networks

Wenjuan Li, Weizhi Meng, Lam For Kwok

Research output: Chapter in book / Conference proceeding › Conference article published in proceeding or book › Academic research › peer-review

49 Citations (Scopus)

Abstract

Network intrusions are becoming more and more sophisticated to detect. To mitigate this issue, intrusion detection systems (IDSs) have been widely deployed to identify a variety of attacks, and collaborative intrusion detection networks (CIDNs) have been proposed, which enable an IDS to collect information and learn experience from other IDSs with the purpose of improving detection accuracy. A CIDN is expected to have more power in detecting attacks such as denial-of-service (DoS) than a single IDS. In real deployment, we notice that each IDS has different levels of sensitivity in detecting different types of intrusions (i.e., based on their own signatures and settings). In this paper, we propose a machine learning-based approach to assign intrusion sensitivity based on expert knowledge and design a trust management model that allows each IDS to evaluate the trustworthiness of others by considering their detection sensitivities. In the evaluation, we explore the performance of our proposed approach under different attack scenarios. The experimental results indicate that by considering the intrusion sensitivity, our trust model can enhance the detection accuracy of malicious nodes as compared to existing similar models.

Original language: English
Title of host publication: Trust Management VIII - 8th IFIP WG 11.11 International Conference, IFIPTM 2014, Proceedings
Editors: Jianying Zhou, Nurit Gal-Oz, Jie Zhang, Ehud Gudes
Publisher: Springer New York LLC
Pages: 61-76
Number of pages: 16
ISBN (Electronic): 9783662438121
Publication status: Published - 2014
Externally published: Yes
Event: 8th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2014 - Singapore, Singapore
Duration: 7 Jul 2014 – 10 Jul 2014

Publication series

Name: IFIP Advances in Information and Communication Technology
Volume: 430
ISSN (Print): 1868-4238
ISSN (Electronic): 1868-422X

Conference

Conference: 8th IFIP WG 11.11 International Conference on Trust Management, IFIPTM 2014
Country/Territory: Singapore
City: Singapore
Period: 7/07/14 – 10/07/14

Keywords

  • Collaborative intrusion detection network
  • Intrusion detection
  • Intrusion sensitivity
  • Network security
  • Trust management

ASJC Scopus subject areas

  • Information Systems
  • Computer Networks and Communications
  • Information Systems and Management
