Designing consensus algorithm for collaborative signature-based intrusion detection system

<span>Signature-based collaborative intrusion detection system (CIDS) is highly depends on the reliability of nodes to provide IDS attack signatures. Each node in the network is responsible to provide new attack signature to be shared with other node. There are two problems exist in CIDS highlighted in this paper, first is to provide data consistency and second is to maintain trust among the nodes while sharing the attack signatures. Recently, researcher find that blockchain has a great potential to solve those problems. Consensus algorithm in blockchain is able to increase trusts among the node and allows data to be inserted from a single source of truth. In this paper, we are investigating three blockchain consensus algorithms: proof of work (PoW), proof of stake (PoS), and hybrid PoW-PoS chain-based consensus algorithm which are possibly to be implemented in CIDS. Finally, we design an extension of hybrid PoW-PoS chain-based consensus algorithm to fulfill the requirement. This extension we name it as proof of attack signature (PoAS).</span>

Download Full-text

Misbehavior-Aware On-Demand Collaborative Intrusion Detection System Using Distributed Ensemble Learning for VANET

Electronics ◽

10.3390/electronics9091411 ◽

2020 ◽

Vol 9 (9) ◽

pp. 1411 ◽

Cited By ~ 1

Author(s):

Fuad A. Ghaleb ◽

Faisal Saeed ◽

Mohammad Al-Sarem ◽

Bander Ali Saleh Al-rimy ◽

Wadii Boulila ◽

...

Keyword(s):

Random Forest ◽

Intrusion Detection ◽

Ensemble Learning ◽

Intrusion Detection System ◽

Detection System ◽

Lower Boundary ◽

Normal Operation ◽

Communication Overhead ◽

On Demand ◽

Collaborative Intrusion Detection

Vehicular ad hoc networks (VANETs) play an important role as enabling technology for future cooperative intelligent transportation systems (CITSs). Vehicles in VANETs share real-time information about their movement state, traffic situation, and road conditions. However, VANETs are susceptible to the cyberattacks that create life threatening situations and/or cause road congestion. Intrusion detection systems (IDSs) that rely on the cooperation between vehicles to detect intruders, were the most suggested security solutions for VANET. Unfortunately, existing cooperative IDSs (CIDSs) are vulnerable to the legitimate yet compromised collaborators that share misleading and manipulated information and disrupt the IDSs’ normal operation. As such, this paper proposes a misbehavior-aware on-demand collaborative intrusion detection system (MA-CIDS) based on the concept of distributed ensemble learning. That is, vehicles individually use the random forest algorithm to train local IDS classifiers and share their locally trained classifiers on-demand with the vehicles in their vicinity, which reduces the communication overhead. Once received, the performance of the classifiers is evaluated using the local testing dataset in the receiving vehicle. The evaluation values are used as a trustworthiness factor and used to rank the received classifiers. The classifiers that deviate much from the box-and-whisker plot lower boundary are excluded from the set of the collaborators. Then, each vehicle constructs an ensemble of weighted random forest-based classifiers that encompasses the locally and remotely trained classifiers. The outputs of the classifiers are aggregated using a robust weighted voting scheme. Extensive simulations were conducted utilizing the network security laboratory-knowledge discovery data mining (NSL-KDD) dataset to evaluate the performance of the proposed MA-CIDS model. The obtained results show that MA-CIDS performs better than the other existing models in terms of effectiveness and efficiency for VANET.

Download Full-text