Evaluating the impact of intrusion sensitivity on securing collaborative intrusion detection networks against SOOA

David Madsen, Wenjuan Li, Weizhi Meng, Yu Wang

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

4 Citations (Scopus)

Abstract

Cyber attacks are greatly expanding in both size and complexity. To handle this issue, research has been focused on collaborative intrusion detection networks (CIDNs), which can improve the detection accuracy of a single IDS by allowing various nodes to communicate with each other. While such collaborative system or network is vulnerable to insider attacks, which can significantly reduce the advantages of a detector. To protect CIDNs against insider attacks, one potential way is to enhance the trust evaluation among IDS nodes, i.e., by emphasizing the impact of expert nodes. In this work, we adopt the notion of intrusion sensitivity that assigns different values of detection capability relating to particular attacks, and evaluate its impact on defending against a special On-Off attack (SOOA). In the evaluation, we investigate the impact of intrusion sensitivity in a simulated CIDN environment, and experimental results demonstrate that the use of intrusion sensitivity can help enhance the security of CIDNs under adversarial scenarios, like SOOA.

Original languageEnglish
Title of host publicationAlgorithms and Architectures for Parallel Processing - 18th International Conference, ICA3PP 2018, Proceedings
EditorsJaideep Vaidya, Jin Li
PublisherSpringer Verlag
Pages481-494
Number of pages14
ISBN (Print)9783030050627
DOIs
Publication statusPublished - 2018
Externally publishedYes
Event18th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP 2018 - Guangzhou, China
Duration: 15 Nov 201817 Nov 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11337 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference18th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP 2018
Country/TerritoryChina
CityGuangzhou
Period15/11/1817/11/18

Keywords

  • Challenge-based trust mechanism
  • Collaborative network
  • Insider attack
  • Intrusion detection
  • Intrusion sensitivity

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint

Dive into the research topics of 'Evaluating the impact of intrusion sensitivity on securing collaborative intrusion detection networks against SOOA'. Together they form a unique fingerprint.

Cite this