Publication Type
Conference Proceeding Article
Version
acceptedVersion
Publication Date
8-2016
Abstract
To encourage collaboration among single intrusion detection systems (IDSs), collaborative intrusion detection networks (CIDNs) have been developed that enable different IDS nodes to communicate information with each other. This distributed network infrastructure aims to improve the detection performance of a single IDS, but may suffer from various insider attacks like collusion attacks, where several malicious nodes can collaborate to perform adversary actions. To defend against insider threats, challenge-based trust mechanisms have been proposed in the literature and proven to be robust against collusion attacks. However, we identify that such mechanisms depend heavily on an assumption of malicious nodes, which is not likely to be realistic and may lead to a weak threat model in practical scenarios. In this paper, we analyze the robustness of challenge-based CIDNs in real-world applications and present an advanced collusion attack, called random poisoning attack, which derives from the existing attacks. In the evaluation, we investigate the attack performance in both simulated and real CIDN environments. Experimental results demonstrate that our attack can enables a malicious node to send untruthful information without decreasing its trust value at large. Our research attempts to stimulate more research in designing more robust CIDN framework in practice.
Keywords
Peer-to-peer computing, Collaboration, Robustness, Intrusion detection, Computational modeling, Registers
Discipline
Information Security
Publication
IEEE TrustCom/BigDataSE/ISPA 2016: Proceedings: 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications; 10th IEEE International Conference on Big Data Science and Engineering; 14th IEEE International Symposium on Parallel and Distributed Processing with Applications: 23-26 August, Tianjin, China
First Page
1061
Last Page
1068
ISBN
9781509032051
Identifier
10.1109/TrustCom.2016.0176
Publisher
IEEE Computer Society
City or Country
Los Alamitos, CA
Embargo Period
12-6-2020
Citation
MENG, Weizhi; LUO, Xiapu; LI, Wenjuan; and LI, Yan.
Design and evaluation of advanced collusion attacks on collaborative intrusion detection networks in practice. (2016). IEEE TrustCom/BigDataSE/ISPA 2016: Proceedings: 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications; 10th IEEE International Conference on Big Data Science and Engineering; 14th IEEE International Symposium on Parallel and Distributed Processing with Applications: 23-26 August, Tianjin, China. 1061-1068.
Available at: https://ink.library.smu.edu.sg/sis_research/5400
Copyright Owner and License
Authors
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
https://doi.org/10.1109/TrustCom.2016.0176