Design and evaluation of advanced collusion attacks on collaborative intrusion detection networks in practice
To encourage collaboration among single intrusion detection systems (IDSs), collaborative intrusion detection networks (CIDNs) have been developed that enable different IDS nodes to communicate information with each other. This distributed network infrastructure aims to improve the detection perform...
Main Authors: | MENG, Weizhi; LUO, Xiapu; LI, Wenjuan; LI, Yan |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2016
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/sis_research/5400 https://ink.library.smu.edu.sg/context/sis_research/article/6404/viewcontent/AdvancedCollusionAttacks_TrustCom_2016_av.pdf |
Institution: | Singapore Management University |
id |
sg-smu-ink.sis_research-6404 |
---|---|
record_format |
dspace |
spelling |
sg-smu-ink.sis_research-6404 2020-12-07T05:16:39Z Design and evaluation of advanced collusion attacks on collaborative intrusion detection networks in practice MENG, Weizhi LUO, Xiapu LI, Wenjuan LI, Yan To encourage collaboration among single intrusion detection systems (IDSs), collaborative intrusion detection networks (CIDNs) have been developed that enable different IDS nodes to communicate information with each other. This distributed network infrastructure aims to improve the detection performance of a single IDS, but may suffer from various insider attacks like collusion attacks, where several malicious nodes can collaborate to perform adversary actions. To defend against insider threats, challenge-based trust mechanisms have been proposed in the literature and proven to be robust against collusion attacks. However, we identify that such mechanisms depend heavily on an assumption of malicious nodes, which is not likely to be realistic and may lead to a weak threat model in practical scenarios. In this paper, we analyze the robustness of challenge-based CIDNs in real-world applications and present an advanced collusion attack, called random poisoning attack, which derives from the existing attacks. In the evaluation, we investigate the attack performance in both simulated and real CIDN environments. Experimental results demonstrate that our attack can enable a malicious node to send untruthful information without decreasing its trust value at large. Our research attempts to stimulate more research in designing more robust CIDN frameworks in practice.
2016-08-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/5400 info:doi/10.1109/TrustCom.2016.0176 https://ink.library.smu.edu.sg/context/sis_research/article/6404/viewcontent/AdvancedCollusionAttacks_TrustCom_2016_av.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Peer-to-peer computing Collaboration Robustness Intrusion detection Computational modeling Registers Information Security |
institution |
Singapore Management University |
building |
SMU Libraries |
continent |
Asia |
country |
Singapore |
content_provider |
SMU Libraries |
collection |
InK@SMU |
language |
English |
topic |
Peer-to-peer computing Collaboration Robustness Intrusion detection Computational modeling Registers Information Security |
description |
To encourage collaboration among single intrusion detection systems (IDSs), collaborative intrusion detection networks (CIDNs) have been developed that enable different IDS nodes to communicate information with each other. This distributed network infrastructure aims to improve the detection performance of a single IDS, but may suffer from various insider attacks like collusion attacks, where several malicious nodes can collaborate to perform adversary actions. To defend against insider threats, challenge-based trust mechanisms have been proposed in the literature and proven to be robust against collusion attacks. However, we identify that such mechanisms depend heavily on an assumption of malicious nodes, which is not likely to be realistic and may lead to a weak threat model in practical scenarios. In this paper, we analyze the robustness of challenge-based CIDNs in real-world applications and present an advanced collusion attack, called random poisoning attack, which derives from the existing attacks. In the evaluation, we investigate the attack performance in both simulated and real CIDN environments. Experimental results demonstrate that our attack can enable a malicious node to send untruthful information without decreasing its trust value at large. Our research attempts to stimulate more research in designing more robust CIDN frameworks in practice. |
format |
text |
author |
MENG, Weizhi LUO, Xiapu LI, Wenjuan LI, Yan |
title |
Design and evaluation of advanced collusion attacks on collaborative intrusion detection networks in practice |
publisher |
Institutional Knowledge at Singapore Management University |
publishDate |
2016 |
url |
https://ink.library.smu.edu.sg/sis_research/5400 https://ink.library.smu.edu.sg/context/sis_research/article/6404/viewcontent/AdvancedCollusionAttacks_TrustCom_2016_av.pdf |