SOOA: Exploring special on-off attacks on challenge-based collaborative intrusion detection networks

Wenjuan Li, Weizhi Meng, Lam For Kwok

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

24 Citations (Scopus)

Abstract

The development of collaborative intrusion detection networks (CIDNs) aims to enhance the performance of a single intrusion detection system (IDS), through communicating and collecting information from other IDS nodes. To defend CIDNs against insider attacks, trust-based mechanisms are crucial for evaluating the trustworthiness of a node. In the literature, challenge-based trust mechanisms are well established to identify malicious nodes by identifying the deviation between challenges and responses. However, such mechanisms rely on two major assumptions, which may result in a weak threat model and render CIDNs still vulnerable to advanced insider attacks in a practical deployment. In this paper, our motivation is to investigate the effect of On-Off attacks on challenge-based CIDNs. In particular, as a study, we explore a special On-Off attack (called SOOA), which can keep responding normally to one node while acting abnormally to another node. In the evaluation, we explore the attack performance under simulated CIDN environments. Experimental results indicate that our attack can interfere the effectiveness of trust computation for CIDN nodes.

Original languageEnglish
Title of host publicationGreen, Pervasive, and Cloud Computing - 12th International Conference, GPC 2017, Proceedings
EditorsMan Ho Allen Au, Kim-Kwang Raymond Choo, Kuan-Ching Li, Arcangelo Castiglione, Francesco Palmieri
PublisherSpringer Verlag
Pages402-415
Number of pages14
ISBN (Print)9783319571850
DOIs
Publication statusPublished - 2017
Externally publishedYes
Event12th International Conference on Green, Pervasive and Cloud Computing, GPC 2017 - Cetara, Italy
Duration: 11 May 201714 May 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10232 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference12th International Conference on Green, Pervasive and Cloud Computing, GPC 2017
Country/TerritoryItaly
CityCetara
Period11/05/1714/05/17

Keywords

  • Challenge-based CIDN
  • Collaborative network
  • Intrusion detection system
  • On-off attacks
  • Trust management

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'SOOA: Exploring special on-off attacks on challenge-based collaborative intrusion detection networks'. Together they form a unique fingerprint.

Cite this