TY - GEN
T1 - Evaluating the impact of intrusion sensitivity on securing collaborative intrusion detection networks against SOOA
AU - Madsen, David
AU - Li, Wenjuan
AU - Meng, Weizhi
AU - Wang, Yu
N1 - Publisher Copyright:
© Springer Nature Switzerland AG 2018.
PY - 2018
Y1 - 2018
AB - Cyber attacks are greatly expanding in both size and complexity. To handle this issue, research has been focused on collaborative intrusion detection networks (CIDNs), which can improve the detection accuracy of a single IDS by allowing various nodes to communicate with each other. However, such a collaborative system or network is vulnerable to insider attacks, which can significantly reduce the advantages of a detector. To protect CIDNs against insider attacks, one potential way is to enhance the trust evaluation among IDS nodes, i.e., by emphasizing the impact of expert nodes. In this work, we adopt the notion of intrusion sensitivity that assigns different values of detection capability relating to particular attacks, and evaluate its impact on defending against a special On-Off attack (SOOA). In the evaluation, we investigate the impact of intrusion sensitivity in a simulated CIDN environment, and experimental results demonstrate that the use of intrusion sensitivity can help enhance the security of CIDNs under adversarial scenarios, like SOOA.
KW - Challenge-based trust mechanism
KW - Collaborative network
KW - Insider attack
KW - Intrusion detection
KW - Intrusion sensitivity
UR - http://www.scopus.com/inward/record.url?scp=85058653349&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-05063-4_36
DO - 10.1007/978-3-030-05063-4_36
M3 - Conference article published in proceeding or book
AN - SCOPUS:85058653349
SN - 9783030050627
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 481
EP - 494
BT - Algorithms and Architectures for Parallel Processing - 18th International Conference, ICA3PP 2018, Proceedings
A2 - Vaidya, Jaideep
A2 - Li, Jin
PB - Springer Verlag
T2 - 18th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP 2018
Y2 - 15 November 2018 through 17 November 2018
ER -