Distributed Privacy-Preserving Collaborative Intrusion Detection Systems for VANETs

Vehicular ad hoc network (VANET) is an enabling technology in modern transportation systems for providing safety and valuable information, and yet vulnerable to a number of attacks from passive eavesdropping to active interfering. Intrusion detection systems (IDSs) are important devices that can mitigate the threats by detecting malicious behaviors. Furthermore, the collaborations among vehicles in VANETs can improve the detection accuracy by communicating their experiences between nodes. To this end, distributed machine learning is a suitable framework for the design of scalable and implementable collaborative detection algorithms over VANETs. One fundamental barrier to collaborative learning is the privacy concern as nodes exchange data among them. A malicious node can obtain sensitive information of other nodes by inferring from the observed data. In this paper, we propose a privacy-preserving machine-learning-based collaborative IDS (PML-CIDS) for VANETs. The proposed algorithm employs the alternating direction method of multipliers to a class of empirical risk minimization problems and trains a classifier to detect the intrusions in the VANETs. We use the differential privacy to capture the privacy notation of the PML-CIDS and propose a method of dual-variable perturbation to provide dynamic differential privacy. We analyze theoretical performance and characterize the fundamental tradeoff between the security and privacy of the PML-CIDS. We also conduct numerical experiments using the network security laboratory-knowledge discovery and data mining (NSL-KDD) dataset to corroborate the results on the detection accuracy, security-privacy tradeoffs, and design.

[1]  Wenke Lee,et al.  Intrusion Detection Techniques for Mobile Wireless Networks , 2003 .

[2]  Jamal Raiyn,et al.  A survey of Cyber Attack Detection Strategies , 2014 .

[3]  James Cannady,et al.  Artificial Neural Networks for Misuse Detection , 1998 .

[4]  Cynthia Dwork,et al.  Calibrating Noise to Sensitivity in Private Data Analysis , 2006, TCC.

[5]  Raef Bassily,et al.  Differentially Private Empirical Risk Minimization: Efficient Algorithms and Tight Error Bounds , 2014, 1405.7085.

[6]  Hussein Zedan,et al.  A comprehensive survey on vehicular Ad Hoc network , 2014, J. Netw. Comput. Appl..

[7]  Robert K. Cunningham,et al.  Improving Intrusion Detection Performance using Keyword Selection and Neural Networks , 2000, Recent Advances in Intrusion Detection.

[8]  Misty K. Blowers,et al.  Machine Learning Applied to Cyber Operations , 2014, Network Science and Cybersecurity.

[9]  W. Yassin,et al.  Intrusion detection based on K-Means clustering and Naïve Bayes classification , 2011, 2011 7th International Conference on Information Technology in Asia.

[10]  Radu State,et al.  Machine Learning Approach for IP-Flow Record Anomaly Detection , 2011, Networking.

[11]  Shi-Jinn Horng,et al.  A novel intrusion detection system based on hierarchical clustering and support vector machines , 2011, Expert Syst. Appl..

[12]  Yu-Hong Dai,et al.  A perfect example for the BFGS method , 2013, Math. Program..

[13]  Erhan Guven,et al.  A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection , 2016, IEEE Communications Surveys & Tutorials.

[14]  Cynthia Dwork,et al.  Practical privacy: the SuLQ framework , 2005, PODS.

[15]  Christopher Krügel,et al.  Using Decision Trees to Improve Signature-Based Intrusion Detection , 2003, RAID.

[16]  Ratan K. Guha,et al.  Effective intrusion detection using multiple sensors in wireless ad hoc networks , 2003, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the.

[17]  Georgios B. Giannakis,et al.  Consensus-Based Distributed Support Vector Machines , 2010, J. Mach. Learn. Res..

[18]  Al-Sakib Khan Pathan Security of Self-Organizing Networks: MANET, WSN, WMN, VANET , 2010 .

[19]  S. P. Shantharajah,et al.  A Study on NSL-KDD Dataset for Intrusion Detection System Based on Classification Algorithms , 2015 .

[20]  Magnus Egerstedt,et al.  Differentially private cloud-based multi-agent optimization with constraints , 2015, 2015 American Control Conference (ACC).

[21]  Matteo Maffei,et al.  Differential Privacy by Typing in Security Protocols , 2013, 2013 IEEE 26th Computer Security Foundations Symposium.

[22]  Jugal K. Kalita,et al.  Network attacks: Taxonomy, tools and systems , 2014, J. Netw. Comput. Appl..

[23]  Ufuk Topcu,et al.  Differentially Private Distributed Constrained Optimization , 2014, IEEE Transactions on Automatic Control.

[24]  George Kesidis,et al.  Secure routing in ad hoc networks and a related intrusion detection problem , 2003, IEEE Military Communications Conference, 2003. MILCOM 2003..

[25]  Quanyan Zhu,et al.  Dynamic Differential Privacy for ADMM-Based Distributed Classification Learning , 2017, IEEE Transactions on Information Forensics and Security.

[26]  Sofya Raskhodnikova,et al.  What Can We Learn Privately? , 2008, 2008 49th Annual IEEE Symposium on Foundations of Computer Science.

[27]  Mohamed Hamdi,et al.  A new security games based reaction algorithm against DOS attacks in VANETs , 2016, 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC).

[28]  Leyla Bilge,et al.  Exposure: A Passive DNS Analysis Service to Detect and Report Malicious Domains , 2014, TSEC.

[29]  Abas Md Said,et al.  Hybrid machine learning technique for intrusion detection system , 2015 .

[30]  Kunal Talwar,et al.  Mechanism Design via Differential Privacy , 2007, 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS'07).

[31]  Jie Wu,et al.  A Survey on Intrusion Detection in Mobile Ad Hoc Networks , 2007 .

[32]  Ricardo Staciarini Puttini,et al.  Security in Ad Hoc Networks: a General Intrusion Detection Architecture Enhancing Trust Based Approaches , 2002, Wireless Information Systems.

[33]  Anand D. Sarwate,et al.  Differentially Private Empirical Risk Minimization , 2009, J. Mach. Learn. Res..

[34]  Leyla Bilge,et al.  EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis , 2011, NDSS.

[35]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[36]  Karl N. Levitt,et al.  A general cooperative intrusion detection architecture for MANETs , 2005, Third IEEE International Workshop on Information Assurance (IWIA'05).

[37]  Nathan Srebro,et al.  SVM optimization: inverse dependence on training set size , 2008, ICML '08.