Abstract
To protect network assets from various cyber intrusions and fit the distributed environments like Internet of Things (IoTs), collaborative intrusion detection systems (CIDSs) are widely implemented allowing each detection node to exchange required data and information. This aims to improve the detection performance against some complicated attacks. In recent years, software defined networking (SDN) is developing rapidly, which can simplify the network complexity by separating the controller plane from the forwarding plane. In this way, the controller can manage the whole network without knowing the underlying structure and devices. To identify underlying malicious nodes or devices, CIDSs are still an important solution to secure SDN, but might be vulnerable to insider threats, in which an attacker can behave maliciously insider the network. In this work, we focus on this issue and advocate the merit on combining trust management and blockchain technology. Trust management can help evaluate the trustworthiness of each node, and blockchain technology can allow communication without a trusted party while ensuring the integrity of shared data. We then introduce a general framework of blockchain-based collaborative intrusion detection in SDN. In the study, we take challenge-based CIDS as a case, and evaluate our framework performance under both external and internal attacks. Our results indicate the viability and effectiveness of our framework. Copyright © 2020 Springer Nature Switzerland AG.
Original language | English |
---|---|
Title of host publication | Network and system security: 14th International Conference, NSS 2020, Melbourne, VIC, Australia, November 25–27, 2020, proceedings |
Editors | Mirosław KUTYŁOWSKI, Jun ZHANG, Chao CHEN |
Place of Publication | Cham |
Publisher | Springer |
Pages | 261-276 |
ISBN (Electronic) | 9783030657451 |
ISBN (Print) | 9783030657444 |
DOIs | |
Publication status | Published - 2020 |
Citation
Li, W., Tan, J., & Wang, Y. (2020). A framework of blockchain-based collaborative intrusion detection in software defined networking. In M. Kutyłowski, J. Zhang, & C. Chen (Eds.), Network and system security: 14th International Conference, NSS 2020, Melbourne, VIC, Australia, November 25–27, 2020, proceedings (pp. 261-276). Springerg. https://doi.org/10.1007/978-3-030-65745-1_15Keywords
- Collaborative intrusion detection
- Blockchain technology
- Software defined networking
- Insider attack
- Trust management