TY - JOUR
T1 - Designing collaborative blockchained signature-based intrusion detection in IoT environments
AU - Li, Wenjuan
AU - Tug, Steven
AU - Meng, Weizhi
AU - Wang, Yu
N1 - Funding Information:
The authors would like to thank security administrators and managers from the participating organizations for their help and support during the evaluation. This work was partially supported by H2020-SU-ICT-03-2018: CyberSec4Europe and the Young Scientists Fund of the National Natural Science Foundation of China (No. 61802077 ).
Publisher Copyright:
© 2019 Elsevier B.V.
PY - 2019/7
Y1 - 2019/7
N2 - With the rapid development of Internet-of-Things (IoT), there is an increasing demand for securing the IoT environments. For such purpose, intrusion detection systems (IDSs) are one of the most important security mechanisms, which can help defend computer networks including IoT against various threats. In order to achieve better detection performance, collaborative intrusion detection systems or networks (CIDSs or CIDNs) are often adopted in a practical scenario, allowing a set of IDS nodes to exchange required information with each other, e.g., alarms, signatures. However, due to the distributed nature, such kind of collaborative network is vulnerable to insider attacks, i.e., malicious nodes can generate untruthful signatures and share to normal peers. This may cause intruders to be undetected and greatly degrade the effectiveness of IDSs. With the advent of blockchain technology, it provides a way to verify shared signatures (rules). In this work, our motivation is to develop CBSigIDS, a generic framework of collaborative blockchained signature-based IDSs, which can incrementally build and update a trusted signature database in a collaborative IoT environment. CBSigIDS can provide a verifiable manner in distributed architectures without the need of a trusted intermediary. In the evaluation, our results demonstrate that CBSigIDS can enhance the robustness and effectiveness of signature-based IDSs under adversarial scenarios.
AB - With the rapid development of Internet-of-Things (IoT), there is an increasing demand for securing the IoT environments. For such purpose, intrusion detection systems (IDSs) are one of the most important security mechanisms, which can help defend computer networks including IoT against various threats. In order to achieve better detection performance, collaborative intrusion detection systems or networks (CIDSs or CIDNs) are often adopted in a practical scenario, allowing a set of IDS nodes to exchange required information with each other, e.g., alarms, signatures. However, due to the distributed nature, such kind of collaborative network is vulnerable to insider attacks, i.e., malicious nodes can generate untruthful signatures and share to normal peers. This may cause intruders to be undetected and greatly degrade the effectiveness of IDSs. With the advent of blockchain technology, it provides a way to verify shared signatures (rules). In this work, our motivation is to develop CBSigIDS, a generic framework of collaborative blockchained signature-based IDSs, which can incrementally build and update a trusted signature database in a collaborative IoT environment. CBSigIDS can provide a verifiable manner in distributed architectures without the need of a trusted intermediary. In the evaluation, our results demonstrate that CBSigIDS can enhance the robustness and effectiveness of signature-based IDSs under adversarial scenarios.
KW - Blockchain technology
KW - Collaborative network
KW - Insider attacks
KW - Internet-of-Things
KW - Intrusion detection system
KW - Signature-based detection
UR - http://www.scopus.com/inward/record.url?scp=85062284371&partnerID=8YFLogxK
U2 - 10.1016/j.future.2019.02.064
DO - 10.1016/j.future.2019.02.064
M3 - Journal article
AN - SCOPUS:85062284371
SN - 0167-739X
VL - 96
SP - 481
EP - 489
JO - Future Generation Computer Systems
JF - Future Generation Computer Systems
ER -