A Privacy-Preserving Framework for Collaborative Intrusion Detection Networks Through Fog Computing

Cyber threats (e.g., intrusions) are now distributed across many networks along with dispersed networking resources. Intrusion detection systems (IDSs) have become an essential defense against a large number of attacks. With the development of cloud computing, a modern IDS can implement more complex detection algorithms by offloading expensive operations, such as signature matching, to the cloud (i.e., using the cloud's computing resources). During the detection process, however, no party wants to disclose its own data, especially sensitive information, to others, not even to the cloud, because of privacy concerns. For this reason, privacy-preserving technology has been applied to IDSs, but proper solutions are still lacking for a collaborative intrusion detection network (CIDN), owing to its geographical distribution. A CIDN enables a set of dispersed IDS nodes to exchange required information. With the advent of fog computing, we propose in this paper a privacy-preserving framework for collaborative networks based on fog devices. Our study shows that the proposed framework can help reduce the workload on the cloud side.
