Abstract
Due to the rapid increase in cyber attacks, intrusion detection systems (IDS) are shifting towards collaborative approaches. There is a huge demand for securing larger networking environments to provide a safeguard against threats. In order to optimize detection performance, Collaborative Intrusion Detection Network (CIDN) approaches have been adopted in practical scenarios, enabling a group of IDS nodes to mutually share and exchange mandatory information with each other, for example IDS signatures and attack alarms. However, because CIDN networks are distributed in nature, they still face plenty of implementation problems; in particular, an insider intruder can easily dominate any security node and leave the entire security system vulnerable. To achieve trust-based communication between IDS nodes, recent advances in blockchain applications are considered a good fit for CIDN networks. This work converges CIDN networks and blockchain in an SDN context. Firstly, we investigated existing related work and highlighted the challenges and research gap concerning blockchain in CIDN networks. Secondly, we utilised three collaborating Snort IDS nodes to receive the latest signature update from Ryu and then securely share such signature updates with all other Snort nodes within the test-bed. Our work is motivated to detect seven types of common attacks with collaborative signature-based IDS, which feasibly processes more packets to achieve satisfactory detection results. Overall, the evaluation results show that with the adoption of blockchain protocols, the proposed CIDN network achieves a 96% TP detection rate for TCP, UDP and ICMP packets.
Original language | English |
---|---|
Title of host publication | Proceedings of the 2019 13th International Conference on Software, Knowledge, Information Management and Applications (SKIMA) |
Place of Publication | Piscataway, NJ |
Publisher | IEEE |
Number of pages | 8 |
ISBN (Electronic) | 9781728127415, 9781728127408 |
ISBN (Print) | 9781728127422 |
DOIs | |
Publication status | Published - 6 Feb 2020 |
Event | 13th International Conference on Software, Knowledge, Information Management and Applications - Ulkulhas, Maldives Duration: 26 Aug 2019 → 28 Aug 2019 http://skimanetwork.info/ |
Publication series
Name | IEEE Proceedings |
---|---|
Publisher | IEEE |
ISSN (Print) | 2373-082X |
ISSN (Electronic) | 2573-3214 |
Conference
Conference | 13th International Conference on Software, Knowledge, Information Management and Applications |
---|---|
Abbreviated title | SKIMA 2019 |
Country/Territory | Maldives |
City | Ulkulhas |
Period | 26/08/19 → 28/08/19 |
Internet address |
Keywords
- Software defined networks
- Open vSwitch
- Snort
- Blockchain
- Collaborative Intrusion Detection Networks (CIDN)