Towards securing challenge-based collaborative intrusion detection networks via message verification

Wenjuan Li, Weizhi Meng, Yu Wang, Jinguang Han, Jin Li

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

7 Citations (Scopus)

Abstract

With the increasing number of Internet-of-Things (IoT) devices, intrusion detection systems (IDSs) have been widely deployed in a distributed or collaborative setting, in which a collaborative intrusion detection network (CIDN) improves the detection accuracy of a single IDS by enabling IDS nodes to exchange useful information with each other. To protect CIDNs against insider attacks, challenge-based trust mechanisms are one promising solution to detect malicious nodes through sending challenges. However, several studies have revealed that this kind of mechanism is still vulnerable to some advanced insider attacks like passive message fingerprint attack (PMFA). Motivated by this observation, in this work, we focus on enhancing the security of challenge-based CIDNs and propose a compact but efficient message verification approach to defeat such insider attack by inserting a verifying alarm into each normal request. In the evaluation, we investigate the attack performance under both simulated and real network environments. Experimental results demonstrate that our approach can identify malicious nodes under PMFA and decrease their trust values in a quick manner.

Original languageEnglish
Title of host publicationInformation Security Practice and Experience - 14th International Conference, ISPEC 2018, Proceedings
EditorsHiroaki Kikuchi, Chunhua Su
PublisherSpringer Verlag
Pages313-328
Number of pages16
ISBN (Print)9783319998060
DOIs
Publication statusPublished - 2018
Externally publishedYes
Event14th International Conference on Information Security Practice and Experience, ISPEC 2018 - Tokyo, Japan
Duration: 25 Sep 201827 Sep 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11125 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference14th International Conference on Information Security Practice and Experience, ISPEC 2018
Country/TerritoryJapan
CityTokyo
Period25/09/1827/09/18

Keywords

  • Challenge-based trust mechanism
  • Collaborative network
  • Insider attack
  • Intrusion detection
  • Passive message fingerprint attack

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this