Differentially Private Collaborative Intrusion Detection Systems For VANETs

Vehicular ad hoc network (VANET) is an enabling technology in modern transportation systems for providing safety and valuable information, and yet vulnerable to a number of attacks from passive eavesdropping to active interfering. Intrusion detection systems (IDSs) are important devices that can mitigate the threats by detecting malicious behaviors. Furthermore, the collaborations among vehicles in VANETs can improve the detection accuracy by communicating their experiences between nodes. To this end, distributed machine learning is a suitable framework for the design of scalable and implementable collaborative detection algorithms over VANETs. One fundamental barrier to collaborative learning is the privacy concern as nodes exchange data among them. A malicious node can obtain sensitive information of other nodes by inferring from the observed data. In this paper, we propose a privacy-preserving machine-learning based collaborative IDS (PML-CIDS) for VANETs. The proposed algorithm employs the alternating direction method of multipliers (ADMM) to a class of empirical risk minimization (ERM) problems and trains a classifier to detect the intrusions in the VANETs. We use the differential privacy to capture the privacy notation of the PML-CIDS and propose a method of dual variable perturbation to provide dynamic differential privacy. We analyze theoretical performance and characterize the fundamental tradeoff between the security and privacy of the PML-CIDS. We also conduct numerical experiments using the NSL-KDD dataset to corroborate the results on the detection accuracy, security-privacy tradeoffs, and design.

[1]  Ricardo Staciarini Puttini,et al.  Security in Ad Hoc Networks: a General Intrusion Detection Architecture Enhancing Trust Based Approaches , 2002, Wireless Information Systems.

[2]  Anand D. Sarwate,et al.  Differentially Private Empirical Risk Minimization , 2009, J. Mach. Learn. Res..

[3]  Kunal Talwar,et al.  Mechanism Design via Differential Privacy , 2007, 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS'07).

[4]  Leyla Bilge,et al.  EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis , 2011, NDSS.

[5]  Sofya Raskhodnikova,et al.  What Can We Learn Privately? , 2008, 2008 49th Annual IEEE Symposium on Foundations of Computer Science.

[6]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[7]  Quanyan Zhu,et al.  Dynamic Differential Privacy for ADMM-Based Distributed Classification Learning , 2017, IEEE Transactions on Information Forensics and Security.

[8]  Jie Wu,et al.  A Survey on Intrusion Detection in Mobile Ad Hoc Networks , 2007 .

[9]  Georgios B. Giannakis,et al.  Consensus-Based Distributed Support Vector Machines , 2010, J. Mach. Learn. Res..

[10]  Quanyan Zhu,et al.  FACID: A trust-based collaborative decision framework for intrusion detection networks , 2016, Ad Hoc Networks.

[11]  Mohamed Hamdi,et al.  A new security games based reaction algorithm against DOS attacks in VANETs , 2016, 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC).

[12]  S. P. Shantharajah,et al.  A Study on NSL-KDD Dataset for Intrusion Detection System Based on Classification Algorithms , 2015 .

[13]  Magnus Egerstedt,et al.  Differentially private cloud-based multi-agent optimization with constraints , 2015, 2015 American Control Conference (ACC).

[14]  Hussein Zedan,et al.  A comprehensive survey on vehicular Ad Hoc network , 2014, J. Netw. Comput. Appl..

[15]  Leyla Bilge,et al.  Exposure: A Passive DNS Analysis Service to Detect and Report Malicious Domains , 2014, TSEC.

[16]  Al-Sakib Khan Pathan Security of Self-Organizing Networks: MANET, WSN, WMN, VANET , 2010 .

[17]  Abas Md Said,et al.  Hybrid machine learning technique for intrusion detection system , 2015 .

[18]  Wenke Lee,et al.  Intrusion Detection Techniques for Mobile Wireless Networks , 2003, Wirel. Networks.

[19]  Quanyan Zhu,et al.  Indices of Power in Optimal IDS Default Configuration: Theory and Examples , 2011, GameSec.

[20]  Jamal Raiyn,et al.  A survey of Cyber Attack Detection Strategies , 2014 .

[21]  Ratan K. Guha,et al.  Effective intrusion detection using multiple sensors in wireless ad hoc networks , 2003, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the.

[22]  Quanyan Zhu,et al.  Bayesian decision aggregation in collaborative intrusion detection networks , 2010, 2010 IEEE Network Operations and Management Symposium - NOMS 2010.

[23]  Quanyan Zhu,et al.  A Distributed Sequential Algorithm for Collaborative Intrusion Detection Networks , 2010, 2010 IEEE International Conference on Communications.

[24]  Wenhui Zhang,et al.  Car-2-Car Communication Consortium - Manifesto , 2007 .

[25]  Karl N. Levitt,et al.  A general cooperative intrusion detection architecture for MANETs , 2005, Third IEEE International Workshop on Information Assurance (IWIA'05).

[26]  Hannes Hartenstein,et al.  A tutorial survey on vehicular ad hoc networks , 2008, IEEE Communications Magazine.

[27]  Stephen P. Boyd,et al.  Distributed Optimization and Statistical Learning via the Alternating Direction Method of Multipliers , 2011, Found. Trends Mach. Learn..

[28]  Yu-Hong Dai,et al.  A perfect example for the BFGS method , 2013, Math. Program..

[29]  Radu State,et al.  Machine Learning Approach for IP-Flow Record Anomaly Detection , 2011, Networking.

[30]  Shi-Jinn Horng,et al.  A novel intrusion detection system based on hierarchical clustering and support vector machines , 2011, Expert Syst. Appl..

[31]  Quanyan Zhu,et al.  GUIDEX: A Game-Theoretic Incentive-Based Mechanism for Intrusion Detection Networks , 2012, IEEE Journal on Selected Areas in Communications.

[32]  W. Yassin,et al.  Intrusion detection based on K-Means clustering and Naïve Bayes classification , 2011, 2011 7th International Conference on Information Technology in Asia.

[33]  Robert K. Cunningham,et al.  Improving Intrusion Detection Performance using Keyword Selection and Neural Networks , 2000, Recent Advances in Intrusion Detection.

[34]  Misty K. Blowers,et al.  Machine Learning Applied to Cyber Operations , 2014, Network Science and Cybersecurity.

[35]  Quanyan Zhu,et al.  A Dual Perturbation Approach for Differential Private ADMM-Based Distributed Empirical Risk Minimization , 2016, AISec@CCS.

[36]  Nathan Srebro,et al.  SVM optimization: inverse dependence on training set size , 2008, ICML '08.

[37]  Quanyan Zhu,et al.  Dynamic Privacy For Distributed Machine Learning Over Network , 2016, ArXiv.

[38]  James Cannady,et al.  Artificial Neural Networks for Misuse Detection , 1998 .

[39]  Raef Bassily,et al.  Differentially Private Empirical Risk Minimization: Efficient Algorithms and Tight Error Bounds , 2014, 1405.7085.

[40]  George Kesidis,et al.  Secure routing in ad hoc networks and a related intrusion detection problem , 2003, IEEE Military Communications Conference, 2003. MILCOM 2003..

[41]  Matteo Maffei,et al.  Differential Privacy by Typing in Security Protocols , 2013, 2013 IEEE 26th Computer Security Foundations Symposium.

[42]  Quanyan Zhu,et al.  Dynamic policy-based IDS configuration , 2009, Proceedings of the 48h IEEE Conference on Decision and Control (CDC) held jointly with 2009 28th Chinese Control Conference.

[43]  Cynthia Dwork,et al.  Calibrating Noise to Sensitivity in Private Data Analysis , 2006, TCC.

[44]  Lalu Banoth,et al.  A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection , 2017 .

[45]  Ufuk Topcu,et al.  Differentially Private Distributed Constrained Optimization , 2014, IEEE Transactions on Automatic Control.

[46]  Jugal K. Kalita,et al.  Network attacks: Taxonomy, tools and systems , 2014, J. Netw. Comput. Appl..

[47]  Cynthia Dwork,et al.  Practical privacy: the SuLQ framework , 2005, PODS.

[48]  Christopher Krügel,et al.  Using Decision Trees to Improve Signature-Based Intrusion Detection , 2003, RAID.