Abstract
Owing to the swift growth in cyber attacks, intrusion detection systems (IDSs) have become a necessity to help safeguard personal and organizational assets. However, with the increasing size of computer networks, it becomes difficult for a stand-alone IDS to identify sophisticated and advanced threats, such as DDoS attacks, due to the lack of contextual information and knowledge regarding the deployed environments. To tackle this issue, distributed and collaborative IDSs (DIDSs and CIDSs) are developed, which enable a set of IDS nodes to operate in a collaborative way through exchanging required information. In this survey, we first summarize the state-of-the-art for traditional DIDSs according to the collaboration topology, e.g., centralized, decentralized, and distributed, and discuss major external and internal threats. Because of the distributed nature and various threats, trust is often enforced among various IDS nodes. We then summarize the relevant research on trust-based DIDSs/CIDSs in a chronological order. Also, we highlight challenges and future directions in this field. The main purpose of this survey is to stimulate more research efforts in developing robust and practical trust-based collaborative intrusion detection. Copyright © 2021 IEEE.
Original language | English |
---|---|
Pages (from-to) | 280-305 |
Journal | IEEE Communications Surveys & Tutorials |
Volume | 24 |
Issue number | 1 |
Early online date | Dec 2021 |
DOIs | |
Publication status | Published - 2022 |
Citation
Li, W., Meng, W., & Kwok, L. F. (2022). Surveying trust-based collaborative intrusion detection: State-of-the-art, challenges and future directions. IEEE Communications Surveys & Tutorials, 24(1), 280-305. https://doi.org/10.1109/COMST.2021.3139052
Keywords
- Collaborative intrusion detection
- Trust computation and management
- Insider attack
- Distributed network
- Challenges and future directions
- Review and survey