Developing advanced fingerprint attacks on challenge-based collaborative intrusion detection networks

Wenjuan LI, Weizhi MENG, Lam-For KWOK, Horace H. S. IP

Research output: Contribution to journalArticlespeer-review

18 Citations (Scopus)

Abstract

Traditionally, an isolated intrusion detection system (IDS) is vulnerable to various types of attacks. In order to enhance IDS performance, collaborative intrusion detection networks (CIDNs) are developed through enabling a set of IDS nodes to communicate with each other. Due to the distributed network architecture, insider attacks are one of the major threats. In the literature, challenge-based trust mechanisms have been built to identify malicious nodes by evaluating the satisfaction levels between challenges and responses. However, such mechanisms rely on two major assumptions, which may result in a weak threat model. In this case, CIDNs may be still vulnerable to advanced insider attacks in real-world deployment. In this paper, we propose a novel collusion attack, called passive message fingerprint attack (PMFA), which can collect messages and identify normal requests in a passive way. In the evaluation, we explore the attack performance under both simulated and real network environments. Experimental results demonstrate that our attack can help malicious nodes send malicious responses to normal requests, while maintaining their trust values. Copyright © 2018 Springer Science+Business Media New York.

Original languageEnglish
Pages (from-to)299-310
JournalCluster Computing
Volume21
Early online dateMay 2017
DOIs
Publication statusPublished - Mar 2018

Citation

Li, W., Meng, W., Kwok, L.-F., & Ip, H. H. S. (2018). Developing advanced fingerprint attacks on challenge-based collaborative intrusion detection networks. Cluster Computing, 21, 299-310. https://doi.org/10.1007/s10586-017-0955-8

Keywords

  • Intrusion detection system
  • Collaborative network
  • Insider threats
  • Collusion attacks
  • Challenge-based trust mechanism

Fingerprint

Dive into the research topics of 'Developing advanced fingerprint attacks on challenge-based collaborative intrusion detection networks'. Together they form a unique fingerprint.