Abstract
The development of collaborative intrusion detection networks (CIDNs) aims to enhance the performance of a single intrusion detection system (IDS) through communicating and collecting information from other IDS nodes. To defend CIDNs against insider attacks, trust-based mechanisms are crucial for evaluating the trustworthiness of a node. In the literature, challenge-based trust mechanisms are well established to identify malicious nodes by identifying the deviation between challenges and responses. However, such mechanisms rely on two major assumptions, which may result in a weak threat model and render CIDNs still vulnerable to advanced insider attacks in a practical deployment. In this paper, our motivation is to investigate the effect of On-Off attacks on challenge-based CIDNs. In particular, as a study, we explore a special On-Off attack (called SOOA), which can keep responding normally to one node while acting abnormally to another node. In the evaluation, we explore the attack performance under simulated CIDN environments. Experimental results indicate that our attack can interfere with the effectiveness of trust computation for CIDN nodes. Copyright © 2017 Springer International Publishing AG.
Original language | English |
---|---|
Title of host publication | Green, pervasive, and cloud computing: 12th International Conference, GPC 2017, Cetara, Italy, May 11-14, 2017, proceedings |
Editors | Man Ho Allen AU, Arcangelo CASTIGLIONE, Kim-Kwang Raymond CHOO, Francesco PALMIERI, Kuan-Ching LI |
Place of Publication | Cham |
Publisher | Springer |
Pages | 402-415 |
ISBN (Electronic) | 9783319571867 |
ISBN (Print) | 9783319571850 |
DOIs | https://doi.org/10.1007/978-3-319-57186-7_30 |
Publication status | Published - 2017 |
Citation
Li, W., Meng, W., & Kwok, L.-F. (2017). SOOA: Exploring special on-off attacks on challenge-based collaborative intrusion detection networks. In M. H. A. Au, A. Castiglione, K.-K. R. Choo, F. Palmieri, & K.-C. Li (Eds.), Green, pervasive, and cloud computing: 12th International Conference, GPC 2017, Cetara, Italy, May 11-14, 2017, proceedings (pp. 402-415). Springer. https://doi.org/10.1007/978-3-319-57186-7_30
Keywords
- Intrusion detection system
- Collaborative network
- On-off attacks
- Challenge-based CIDN
- Trust management