Article

Robust and scalable trust management for collaborative intrusion detection

Authors:

Carol J. Fung,

Jie Zhang,

Issam Aib,

Raouf BoutabaAuthors Info & Claims

IM'09: Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management

Pages 33 - 40

Published: 01 June 2009 Publication History

Abstract

The accuracy of detecting intrusions within an Intrusion Detection Network (IDN) depends on the efficiency of collaboration between the peer Intrusion Detection Systems (IDSes) as well as the security itself of the IDN against insider threats. In this paper, we study host-based IDNs and introduce a Dirichlet-based model to measure the level of trustworthiness among peer IDSes according to their mutual experience. The model has strong scalability properties and is robust against common insider threats, such as a compromised or malfunctioning peer. We evaluate our system based on a simulated collaborative host-based IDS network. The experimental results demonstrate the improved robustness, efficiency, and scalability of our system in detecting intrusions in comparison with existing models.

References

[1]

J. Aycock. Painting the internet: A different kind of warhol worm. Technical Report, TR2006-834-27, University of Calgary, 2006.

Google Scholar

[2]

J. Douceur. The sybil attack. Peer-To-Peer Systems: First International Workshop, IPTPS 2002, Cambridge, MA, USA, March 7-8, 2002, 2002.

Digital Library

Google Scholar

[3]

C. Duma, M. Karresand, N. Shahmehri, and G. Caronni. A trust-aware, p2p-based overlay for intrusion detection. In DEXA Workshops, 2006.

Digital Library

Google Scholar

[4]

C. Fung, O. Baysal, J. Zhang, I. Aib, and R. Boutaba. Trust management for host-based collaborative intrusion detection. In 19th IFIP/IEEE International Workshop on Distributed Systems, 2008.

Digital Library

Google Scholar

[5]

R. Janakiraman and M. Zhang. Indra: a peer-to-peer approach to network intrusion detection and prevention. WET ICE 2003. Proceedings of the 12th IEEE International Workshops on Enabling Technologies, 2003.

Digital Library

Google Scholar

[6]

T. Jiang and J. Baras. Trust evaluation in anarchy: A case study on autonomous networks. In INFOCOM. IEEE, 2006.

Crossref

Google Scholar

[7]

Z. Li, Y. Chen, and A. Beach. Towards scalable and robust distributed intrusion alert fusion with good load balancing. In LSAD '06, 2006.

Digital Library

Google Scholar

[8]

P. Resnick, K. Kuwabara, R. Zeckhauser, and E. Friedman. Reputation systems. Commun. ACM, 43(12):45-48, 2000.

Digital Library

Google Scholar

[9]

S. Russell and P. Norvig. Artificial Intelligence: A Modern Approach. Second Edition, Prentice Hall, Englewood Cliffs, New Jersey, 2002.

Digital Library

Google Scholar

[10]

Y. Sun, Z. Han, W. Yu, and K. Liu. A trust evaluation framework in distributed networks: Vulnerability analysis and defense against attacks. In INFOCOM. IEEE, 2006.

Crossref

Google Scholar

[11]

B. Yu and M. Singh. Detecting deception in reputation management. Proceedings of the second international joint conference on Autonomous agents and multiagent systems, pages 73-80, 2003.

Digital Library

Google Scholar

[12]

J. Zhang and R. Cohen. Trusting advice from other buyers in e-marketplaces: the problem of unfair ratings. In ICEC '06, pages 225-234, New York, NY, 2006. ACM.

Digital Library

Google Scholar

Cited By

View all

Meng WLi WKwok L(2017)Towards Effective Trust-Based Packet Filtering in Collaborative Network EnvironmentsIEEE Transactions on Network and Service Management10.1109/TNSM.2017.266489314:1(233-245)Online publication date: 1-Mar-2017
https://dl.acm.org/doi/10.1109/TNSM.2017.2664893
Li WMeng WKwok LIP H(2017)Enhancing collaborative intrusion detection networks against insider attacks using supervised intrusion sensitivity-based trust management modelJournal of Network and Computer Applications10.1016/j.jnca.2016.09.01477:C(135-145)Online publication date: 1-Jan-2017
https://dl.acm.org/doi/10.1016/j.jnca.2016.09.014
Meng GLiu YZhang JPokluda ABoutaba R(2015)Collaborative SecurityACM Computing Surveys10.1145/278573348:1(1-42)Online publication date: 22-Jul-2015
https://dl.acm.org/doi/10.1145/2785733
Show More Cited By

Robust and scalable trust management for collaborative intrusion detection
1. Security and privacy
  1. Systems security
2. Social and professional topics
  1. Computing / technology policy

Recommendations

Trust Management and Admission Control for Host-Based Collaborative Intrusion Detection

The accuracy of detecting an intrusion within a network of intrusion detection systems (IDSes) depends on the efficiency of collaboration between member IDSes. The security itself within this network is an additional concern that needs to be addressed. ...
Trust Management for Host-Based Collaborative Intrusion Detection
DSOM '08: Proceedings of the 19th IFIP/IEEE international workshop on Distributed Systems: Operations and Management: Managing Large-Scale Service Deployment

The accuracy of detecting an intrusion within a network of intrusion detection systems (IDSes) depends on the efficiency of collaboration between member IDSes. The security itself within this network is an additional concern that needs to be addressed. ...
Enhancing Trust Evaluation Using Intrusion Sensitivity in Collaborative Intrusion Detection Networks: Feasibility and Challenges
CIS '13: Proceedings of the 2013 Ninth International Conference on Computational Intelligence and Security

Intrusion detection systems (IDSs) have been widely deployed in computers and networks to identify a variety of attacks. But network intrusions are now becoming more and more sophisticated to detect, thus, collaborative intrusion detection networks (...

Comments

Information & Contributors

Information

Published In

IM'09: Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management

June 2009

832 pages

ISBN:9781424434862

Publisher

IEEE Press

Publication History

Published: 01 June 2009

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 09 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Meng WLi WKwok L(2017)Towards Effective Trust-Based Packet Filtering in Collaborative Network EnvironmentsIEEE Transactions on Network and Service Management10.1109/TNSM.2017.266489314:1(233-245)Online publication date: 1-Mar-2017
https://dl.acm.org/doi/10.1109/TNSM.2017.2664893
Li WMeng WKwok LIP H(2017)Enhancing collaborative intrusion detection networks against insider attacks using supervised intrusion sensitivity-based trust management modelJournal of Network and Computer Applications10.1016/j.jnca.2016.09.01477:C(135-145)Online publication date: 1-Jan-2017
https://dl.acm.org/doi/10.1016/j.jnca.2016.09.014
Meng GLiu YZhang JPokluda ABoutaba R(2015)Collaborative SecurityACM Computing Surveys10.1145/278573348:1(1-42)Online publication date: 22-Jul-2015
https://dl.acm.org/doi/10.1145/2785733
Vasilomanolakis EKaruppayah SMühlhäuser MFischer M(2015)Taxonomy and Survey of Collaborative Intrusion DetectionACM Computing Surveys10.1145/271626047:4(1-33)Online publication date: 11-May-2015
https://dl.acm.org/doi/10.1145/2716260
Manshaei MZhu QAlpcan TBacşar THubaux J(2013)Game theory meets network security and privacyACM Computing Surveys10.1145/2480741.248074245:3(1-39)Online publication date: 3-Jul-2013
https://dl.acm.org/doi/10.1145/2480741.2480742
Fung CZhu QBoutaba RBaşar TChemouil PMehaoua AFestor OLupu E(2011)SMURFENProceedings of the 7th International Conference on Network and Services Management10.5555/2147671.2147711(248-253)Online publication date: 24-Oct-2011
https://dl.acm.org/doi/10.5555/2147671.2147711
Fung CZhang JAib IBoutaba R(2011)Trust Management and Admission Control for Host-Based Collaborative Intrusion DetectionJournal of Network and Systems Management10.1007/s10922-010-9176-719:2(257-277)Online publication date: 1-Jun-2011
https://dl.acm.org/doi/10.1007/s10922-010-9176-7

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

References

Cited By

Recommendations

Trust Management and Admission Control for Host-Based Collaborative Intrusion Detection

Trust Management for Host-Based Collaborative Intrusion Detection

Enhancing Trust Evaluation Using Intrusion Sensitivity in Collaborative Intrusion Detection Networks: Feasibility and Challenges

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Get Access

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations