
A Robust Intrusion Detection Network Using Thresholdless Trust Management System with Incentive Design

  • Conference paper
Security and Privacy in Communication Networks (SecureComm 2018)

Abstract

Intrusion detection networks (IDNs) have been developed to improve the detection accuracy of a single IDS, by collecting intrusion intelligence knowledge and learning experience from other IDSs. However, some malicious IDSs within an IDN can corrupt the whole collaborative network. In this paper, we propose a robust trust management system, where each IDS evaluates the trustworthiness of its neighbors by making direct observations on their recommendations over time. We present a thresholdless clustering technique that automatically discards malicious neighbors. Our clustering approach with its effective features only needs to assume that each IDS has at least one honest neighbor. Hence, we do not need to assume that the majority of the involved IDSs are honest. Furthermore, we design an incentive utility function to penalize free-riders.


Notes

  1. The other possibility is to use a quantification technique. However, it introduces a new parameter into the system.

  2. Notice that \(T_{j,i}^{\tau +1}\) is private information of IDS j. However, in our setting, the trust management system is centralized and a trusted third party (e.g., Dshield.org) honestly plays the role of each IDS. Therefore, we have access to such private values.



Correspondence to Amir Rezapour.


Copyright information

© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper


Cite this paper

Rezapour, A., Tzeng, WG. (2018). A Robust Intrusion Detection Network Using Thresholdless Trust Management System with Incentive Design. In: Beyah, R., Chang, B., Li, Y., Zhu, S. (eds) Security and Privacy in Communication Networks. SecureComm 2018. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 255. Springer, Cham. https://doi.org/10.1007/978-3-030-01704-0_8


  • DOI: https://doi.org/10.1007/978-3-030-01704-0_8


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-01703-3

  • Online ISBN: 978-3-030-01704-0

  • eBook Packages: Computer Science, Computer Science (R0)
