Enhancing collaborative intrusion detection networks against insider attacks using supervised intrusion sensitivity-based trust management model

Wenjuan Li, Weizhi Meng, Lam For Kwok, Horace H.S. IP

Research output: Journal article publicationJournal articleAcademic researchpeer-review

76 Citations (Scopus)

Abstract

To defend against complex attacks, collaborative intrusion detection networks (CIDNs) have been developed to enhance the detection accuracy, which enable an IDS to collect information and learn experience from others. However, this kind of networks is vulnerable to malicious nodes which are utilized by insider attacks (e.g., betrayal attacks). In our previous research, we developed a notion of intrusion sensitivity and identified that it can help improve the detection of insider attacks, whereas it is still a challenge for these nodes to automatically assign the values. In this article, we therefore aim to design an intrusion sensitivity-based trust management model that allows each IDS to evaluate the trustworthiness of others by considering their detection sensitivities, and further develop a supervised approach, which employs machine learning techniques to automatically assign the values of intrusion sensitivity based on expert knowledge. In the evaluation, we compare the performance of three different supervised classifiers in assigning sensitivity values and investigate our trust model under different attack scenarios and in a real wireless sensor network. Experimental results indicate that our trust model can enhance the detection accuracy of malicious nodes and achieve better performance as compared with similar models.

Original languageEnglish
Pages (from-to)135-145
Number of pages11
JournalJournal of Network and Computer Applications
Volume77
DOIs
Publication statusPublished - 1 Jan 2017
Externally publishedYes

Keywords

  • Collaborative network
  • Insider attacks
  • Intrusion detection
  • Intrusion sensitivity
  • Machine learning
  • Trust management model

ASJC Scopus subject areas

  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Enhancing collaborative intrusion detection networks against insider attacks using supervised intrusion sensitivity-based trust management model'. Together they form a unique fingerprint.

Cite this