Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
Springer Nature Link
Log in

Evaluating Intrusion Sensitivity Allocation with Support Vector Machine for Collaborative Intrusion Detection

  • Conference paper
  • First Online:
Information Security Practice and Experience (ISPEC 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11879))

  • 1090 Accesses

Abstract

The aim of collaborative intrusion detection networks (CIDNs) is to provide better detection performance over a single IDS, through allowing IDS nodes to exchange data or information with each other. Nevertheless, CIDNs may be vulnerable to insider attacks, and there is a great need for deploying appropriate trust management schemes to protect CIDNs in practice. In this work, we advocate the effectiveness of intrusion sensitivity-based trust management model and describe an engineering way to automatically allocate the sensitivity values by using a support vector machine (SVM) classifier. To explore the allocation performance, we compare our classifier with several traditional supervised algorithms in the evaluation. We further investigate the performance of our enhanced trust management scheme in a real network environment under adversarial scenarios, and the experimental results indicate that our approach can be more effective in detecting insider attacks as compared with similar approaches.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Auria, L., Moro, R.A.: Support vector machines (SVM) as a technique for solvency analysis. DIW Berlin Discussion Paper no. 811 (2008)

    Google Scholar 

  2. Bao, F., Chen, I.R., Chang, M., Cho, J.H.: Hierarchical trust management for wireless sensor networks and its applications to trust-based routing and intrusion detection. IEEE Trans. Netw. Serv. Manage. 9(2), 169–183 (2012)

    Article  Google Scholar 

  3. Duma, C., Karresand, M., Shahmehri, N., Caronni, G.: A trust-aware, P2P-based overlay for intrusion detection. In: Proceedings of DEXA Workshop, pp. 692–697 (2006)

    Google Scholar 

  4. Fung, C.J., Baysal, O., Zhang, J., Aib, I., Boutaba, R.: Trust management for host-based collaborative intrusion detection. In: De Turck, F., Kellerer, W., Kormentzas, G. (eds.) DSOM 2008. LNCS, vol. 5273, pp. 109–122. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-87353-2_9

    Chapter  Google Scholar 

  5. Fung, C.J., Zhang, J., Aib, I., Boutaba, R.: Robust and scalable trust management for collaborative intrusion detection. In: Proceedings of IM, pp. 33–40 (2009)

    Google Scholar 

  6. Li, J., Li, R., Kato, J.: Future trust management framework for mobile ad hoc networks. IEEE Commun. Mag. 46(2), 108–114 (2008)

    Google Scholar 

  7. Liu, X., Zhu, P., Zhang, Y., Chen, K.: A collaborative intrusion detection mechanism against false data injection attack in advanced metering infrastructure. IEEE Trans. Smart Grid 6(5), 2435–2443 (2015)

    Article  Google Scholar 

  8. Li, W., Meng, W., Kwok, L.F.: Enhancing trust evaluation using intrusion sensitivity in collaborative intrusion detection networks: feasibility and challenges. In: Proceedings of the 9th International Conference on Computational Intelligence and Security (CIS), pp. 518–522 (2013)

    Google Scholar 

  9. Li, W., Meng, W., Kwok, L.-F., Ip, H.H.S.: PMFA: toward passive message fingerprint attacks on challenge-based collaborative intrusion detection networks. In: Chen, J., Piuri, V., Su, C., Yung, M. (eds.) NSS 2016. LNCS, vol. 9955, pp. 433–449. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-46298-1_28

    Chapter  Google Scholar 

  10. Li, W., Meng, W.: Enhancing collaborative intrusion detection networks using intrusion sensitivity in detecting pollution attacks. Inf. Comput. Secur. 24(3), 265–276 (2016)

    Article  MathSciNet  Google Scholar 

  11. Li, W., Meng, W., Kwok, L.F., Ip, H.H.S.: Enhancing collaborative intrusion detection networks against insider attacks using supervised intrusion sensitivity-based trust management model. J. Netw. Comput. Appl. 77, 135–145 (2017)

    Article  Google Scholar 

  12. LIBSVM Tools: Multi-label classification. https://www.csie.ntu.edu.tw/~cjlin/libsvmtools/multilabel/

  13. Meng, Y., Kwok, L.F.: Adaptive false alarm filter using machine learning in intrusion detection. In: Wang, Y., Li, T. (eds.) Practical Applications of Intelligent Systems. AINSC, vol. 124. Springer, Berlin (2011). https://doi.org/10.1007/978-3-642-25658-5_68

    Chapter  Google Scholar 

  14. Meng, Y., Li, W., Kwok, L.: Evaluation of detecting malicious nodes using bayesian model in wireless intrusion detection. In: Lopez, J., Huang, X., Sandhu, R. (eds.) NSS 2013. LNCS, vol. 7873, pp. 40–53. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38631-2_4

    Chapter  Google Scholar 

  15. Paola, J.D., Schowengerdt, R.A.: A detailed comparison of backpropagation neural network and maximum-likelihood classifiers for urban land use classification. IEEE Trans. Geosci. Remote Sens. 33(4), 981–996 (1995)

    Article  Google Scholar 

  16. Qin, Z., Jia, Z., Chen, X.: Fuzzy dynamic programming based trusted routing decision in mobile ad hoc networks. In: Proceedings of the 5th IEEE International Symposium on Embedded Computing (SEC), pp. 180–185 (2008)

    Google Scholar 

  17. Resnick, P., Kuwabara, K., Zeckhauser, R., Friedman, E.: Reputation systems. Commun. ACM 43(12), 45–48 (2000)

    Article  Google Scholar 

  18. Roesch, M.: Snort: lightweight intrusion detection for networks. In: Proceedings of Usenix Lisa Conference, pp. 229–238 (1999)

    Google Scholar 

  19. Scarfone, K., Mell, P.: Guide to intrusion detection and prevention systems (IDPS). NIST Special Publication 800–94, Feburary 2007

    Google Scholar 

  20. Shamshirband, S., Anuar, N.B., Kiah, M.L.M., Patel, A.: An appraisal and design of a multi-agent system based cooperative wireless intrusion detection computational intelligence technique. Eng. Appl. Artif. Intell. 26(9), 2105–2127 (2013)

    Article  Google Scholar 

  21. Snort, Homepage. http://www.snort.org/

  22. Vasilomanolakis, E., Karuppayah, S., Muhlhauser, M., Fischer, M.: Taxonomy and survey of collaborative intrusion detection. ACM Comput. Surv. 47(4), 55 (2015)

    Article  Google Scholar 

  23. Wu, Y.S., Foo, B., Mei, Y., Bagchi, S.: Collaborative intrusion detection system (CIDS): a framework for accurate and efficient IDS. In: Proceedings of ACSAC, pp. 234–244 (2003)

    Google Scholar 

  24. Yuan, Y., Shaw, M.J.: Induction of fuzzy decision trees. Fuzzy Sets Syst. 69(2), 125–139 (1995)

    Article  MathSciNet  Google Scholar 

Download references

Acknowledgments

This work was partially supported by National Natural Science Foundation of China (No. 61802077).

Author information

Authors and Affiliations

  1. Department of Computer Science, City University of Hong Kong, Hong Kong, China

    Wenjuan Li & Lam For Kwok

  2. Department of Applied Mathematics and Computer Science, Technical University of Denmark, Lyngby, Denmark

    Weizhi Meng

Authors
  1. Wenjuan Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Weizhi Meng
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Lam For Kwok
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Weizhi Meng .

Editor information

Editors and Affiliations

  1. Multimedia University, Malacca, Malaysia

    Swee-Huay Heng

  2. University of Malaga, Malaga, Spain

    Javier Lopez

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Li, W., Meng, W., Kwok, L.F. (2019). Evaluating Intrusion Sensitivity Allocation with Support Vector Machine for Collaborative Intrusion Detection. In: Heng, SH., Lopez, J. (eds) Information Security Practice and Experience. ISPEC 2019. Lecture Notes in Computer Science(), vol 11879. Springer, Cham. https://doi.org/10.1007/978-3-030-34339-2_26

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-34339-2_26

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-34338-5

  • Online ISBN: 978-3-030-34339-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation