
A blockchain-enabled collaborative intrusion detection framework for SDN-assisted cyber-physical systems

  • Regular Contribution
International Journal of Information Security

Abstract

Cyber-physical systems (CPS) play an important role in our daily lives, in areas such as automotive, medical monitoring, smart grid and industrial control systems. A CPS typically consists of three main components: sensors, aggregators and actuators. Recently, Software-Defined Networking (SDN) has been applied to CPS to achieve optimal resource allocation and Quality of Service, forming a type of SDN-assisted CPS. To protect such an environment, a collaborative intrusion detection system (CIDS) is a major security solution, but it is vulnerable to insider threats, where a cyber-attacker can behave maliciously within the network. In this work, we focus on this challenge and investigate the use of blockchain technology, which can ensure immutable data sharing without the need for a trusted third party. We introduce a blockchain-enabled collaborative intrusion detection framework for SDN-assisted CPS. In particular, we use a challenge-based CIDS in the study and evaluate the proposed framework under both external and internal attacks. The experimental results demonstrate the viability and effectiveness of our blockchain-enabled framework.


Data availability

Data sharing not applicable to this article as no datasets were generated or analyzed during the current study.

References

  1. Li, W., Tan, J., Wang, Y.: A framework of blockchain-based collaborative intrusion detection in software defined networking. The 14th international conference on network and system security (NSS), pp. 261-276 (2020)

  2. Stergiopoulos, G., Dedousis, P., Gritzalis, D.: Automatic analysis of attack graphs for risk mitigation and prioritization on large-scale and complex networks in industry 4.0. Int. J. Inf. Sec. 21(1), 37–59 (2022)


  3. Aceto, G., Persico, V., Pescape, A.: A survey on information and communication technologies for industry 4.0: state-of-the-art, taxonomies, perspectives, and challenges. IEEE Commun. Surv. Tutor. 21(4), 3467–3501 (2019)


  4. Kocabas, O., Soyata, T., Aktas, M.K.: Emerging security mechanisms for medical cyber physical systems. IEEE ACM Trans. Comput. Biol. Bioinform. 13(3), 401–416 (2016)


  5. Business Research Insights. Cyber physical system market size, share, growth, and industry growth. (accessed on 1 November 2022) https://www.businessresearchinsights.com/market-reports/cyber-physical-system-market-100757

  6. Wu, J., Luo, S., Wang, S., Wang, H.: NLES: A Novel Lifetime Extension Scheme for Safety-Critical Cyber-Physical Systems Using SDN and NFV. IEEE Internet Things J. 6(2), 2463–2475 (2019)


  7. Molina, E., Jacob, E.: Software-defined networking in cyber-physical systems: a survey. Comput. Electr. Eng. 66, 407–419 (2018)


  8. Kathiravelu, P., Roy, P.V., Veiga, L.: SD-CPS: software-defined cyber-physical systems. Taming the challenges of CPS with workflows at the edge. Clust. Comput. 22(3), 661–677 (2019)


  9. Sahay, R., Sepulveda, D.A., Meng, W., Jensen, C.D., Barfod, M.B.: CyberShip: An SDN-based autonomic attack mitigation framework for ship systems. In: Proceedings of SciSec, pp. 191-198 (2018)

  10. Yaacoub, J.P.A., Salman, O., Noura, H.N., Kaaniche, N., Chehab, A., Malli, M.: Cyber-physical systems security: Limitations, issues and future trends. Microprocess Microsystems 77, 103201 (2020)


  11. Lee, W., Cabrera, J.B.D., Thomas, A., Balwalli, N., Saluja, S., Zhang, Y.: Performance adaptation in real-time intrusion detection systems. RAID 2002, 252–273 (2002)


  12. Meng, W., Li, W., Kwok, L.F.: EFM: enhancing the performance of signature-based network intrusion detection systems using enhanced filter mechanism. Comput. Secur. 43, 189–204 (2014)


  13. Meng, W., Li, W., Kwok, L.F.: Design of intelligent KNN-based alarm filter using knowledge-based alert verification in intrusion detection. Secur. Commun. Netw. 8(18), 3883–3895 (2015)


  14. Li, W., Wang, Y., Jin, Z., Yu, K., Li, J., Xiang, Y.: Challenge-based collaborative intrusion detection in software defined networking: an evaluation. Digit. Commun. Netw. 7, 257–263 (2021)


  15. Sahay, R., Meng, W., Jensen, C.D.: The application of software defined networking on securing computer networks: a survey. J. Netw. Comput. Appl. 131, 89–108 (2019)


  16. Liu, L., Yang, J., Meng, W.: Detecting malicious nodes via gradient descent and support vector machine in Internet of Things. Comput. Electr. Eng. 77, 339–353 (2019)


  17. Li, W., Meng, W., Kwok, L.F.: SOOA: Exploring special On-Off attacks on challenge-based collaborative intrusion detection networks. In: proceedings of GPC, pp. 402-415 (2017)

  18. Li, W., Meng, W., Kwok, L.F.: Investigating the influence of special on-off attacks on challenge-based collaborative intrusion detection networks. Future Internet 10(1), 1–16 (2018)


  19. Li, W., Meng, W., Kwok, L.F., Ip, H.H.S.: PMFA: toward passive message fingerprint attacks on challenge-based collaborative intrusion detection networks. In: proceedings of NSS, pp. 433-449 (2016)

  20. Li, W., Kwok, L.F.: Challenge-based Collaborative intrusion detection networks under passive message fingerprint attack: a further analysis. J. Inf. Secur. Appl. 47, 1–7 (2019)


  21. Meng, W., Li, W., Jiang, L., Choo, K.K.R., Su, C.: Practical Bayesian poisoning attacks on challenge-based collaborative intrusion detection networks. In: proceedings of ESORICS, pp. 493-511 (2019)

  22. Li, W., Meng, W., Kwok, L.F.: Surveying trust-based collaborative intrusion detection: state-of-the-art, challenges and future directions. IEEE Commun. Surv. Tutor. 24(1), 280–305 (2022)


  23. Li, W., Meng, W., Liu, Z., Au, M.H.: Towards Blockchain-based software-defined networking: security challenges and solutions. IEICE Trans. Inf. Syst. 103(2), 196–203 (2020)


  24. Alsmadi, I., Xu, D.: Security of software defined networks: a survey. Comput. Secur. 53, 79–108 (2015)


  25. OpenFlow Switch Specification–Open networking foundation. https://www.opennetworking.org/wp-content/uploads/2014/10/openflow-switch-v1.5.1.pdf

  26. Li, W., Meng, W., Kwok, L.F.: A survey on openflow-based software defined networks: security challenges and countermeasures. J. Netw. Comput. Appl. 68, 126–139 (2016)


  27. Balzereit, K., Niggemann, O.: AutoConf: new algorithm for reconfiguration of cyber-physical production systems. IEEE Trans. Ind. Inf. 19(1), 739–749 (2023)


  28. Meng, W., Wang, J., Wang, X., Liu, J.K., Yu, Z., Li, J., Zhao, Y., Chow, S.S.M.: Position paper on blockchain technology: smart contract and applications. In: proceedings of NSS, pp. 474-483 (2018)

  29. Meng, W., Li, W., Zhu, L.: Enhancing medical smartphone networks via blockchain-based trust management against insider attacks. IEEE Trans. Eng. Manag. 67(4), 1377–1386 (2019)

  30. Pirtle, C., Ehrenfeld, J.M.: Blockchain for healthcare: the next generation of medical records? J. Medical Syst. 42(9), 172:1-172:3 (2018)


  31. Meng, W., Tischhauser, E.W., Wang, Q., Wang, Y., Han, J.: When intrusion detection meets blockchain technology: a review. IEEE Access. 6(1), 10179–10188 (2018)


  32. Meng, W., Li, W., Yang, L.T., Li, P.: Enhancing challenge-based collaborative intrusion detection networks against insider attacks using blockchain. Int. J. Inf. Secur. 19, 279–290 (2020)


  33. Mu, Y., Rezaeibagha, F., Huang, K.: Policy-driven blockchain and its applications for transport systems. IEEE Trans. Serv. Comput. 13(2), 230–240 (2020)


  34. Chiu, W.Y., Meng, W., Jensen, C.D.: NoPKI - A point-to-point trusted third party service based on blockchain consensus algorithm. In: proceedings of the 3rd international conference on frontiers in cyber security (FCS), pp. 197-214 (2020)

  35. Chiu, W.Y., Meng, W., Jensen, C.D.: My data, my control: a secure data sharing and access scheme over blockchain. J. Inf. Secur. Appl. 63, 103020 (2021)


  36. Wüst, K., Gervais, A.: Do you need a blockchain? In: CVCBT, pp. 45-54 (2018)

  37. Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system. http://bitcoin.org/bitcoin.pdf (2008)

  38. Wood, G.: Ethereum: A secure decentralised generalised transaction ledger. EIP-150 Revision (2016)

  39. Hyperledger: Open source blockchain technologies. https://www.hyperledger.org/

  40. Wang, C., Zhang, Y., Chen, X., Liang, K., Wang, Z.: SDN-Based Handover Authentication Scheme for Mobile Edge Computing in Cyber-Physical Systems. IEEE Internet Things J. 6(5), 8692–8701 (2019)


  41. Zainudin, A., Akter, R., Kim, D.-S., Lee, J.-M.: Towards Lightweight Intrusion Identification in SDN-based Industrial Cyber-Physical Systems. In: Proceedings of APCC, pp. 610-614 (2022)

  42. Latif, S.A., Wen, F.B.X., Iwendi, C., Wang, L.F., Mohsin, S.M., Han, Z., Band, S.S.: AI-empowered, blockchain and SDN integrated security architecture for IoT network of cyber physical systems. Comput. Commun. 181, 274–283 (2022)


  43. Duma, C., Karresand, M., Shahmehri, N., Caronni, G.: A trust-aware, P2P-based overlay for intrusion detection. In: DEXA Workshop, pp. 692-697 (2006)

  44. Li, W., Meng, W., Kwok, L.F.: Enhancing trust evaluation using intrusion sensitivity in collaborative intrusion detection networks: feasibility and challenges. In: proceedings of CIS, pp. 518-522 (2013)

  45. Li, W., Meng, W., Kwok, L.F.: Design of intrusion sensitivity-based trust management model for collaborative intrusion detection networks. In: proceedings of IFIPTM, Springer, pp. 61-76 (2014)

  46. Li, W., Meng, W.: Enhancing collaborative intrusion detection networks using intrusion sensitivity in detecting pollution attacks. Inf. Comput. Secur. 24(3), 265–276 (2016)


  47. Veeraiah, N., Krishna, B.T.: Trust-aware FuzzyClus-Fuzzy NB: intrusion detection scheme based on fuzzy clustering and Bayesian rule. Wirel. Networks 25(7), 4021–4035 (2019)


  48. Alexopoulos, N., Vasilomanolakis, E., Ivanko, N.R., Muhlhauser, M.: Towards blockchain-based collaborative intrusion detection systems. In: Proceedings of the 12th international conference on critical information infrastructures security, pp. 1-12 (2017)

  49. Golomb, T., Mirsky, Y., Elovici, Y.: CIoTA: Collaborative IoT anomaly detection via blockchain. In: proceedings of workshop on decentralized IoT security and standards (DISS), pp. 1-6 (2018)

  50. Li, W., Tug, S., Meng, W., Wang, Y.: Designing collaborative Blockchained signature-based intrusion detection in IoT environments. Future Generat. Comput. Syst. 96, 481–489 (2019)


  51. Tug, S., Meng, W., Wang, X.: CBSigIDS: Towards collaborative blockchained signature-based intrusion detection. In: proceedings of The 1st IEEE international conference on blockchain (Blockchain) (2018)

  52. Meng, W., Li, W., Tug, S., Tan, J.: Towards blockchain-enabled single character frequency-based exclusive signature matching in IoT-assisted smart cities. J. Parallel Distrib. Comput. 144, 268–277 (2020)

  53. Hu, B., Zhou, C., Tian, Y.-C., Qin, Y., Junping, X.: A collaborative intrusion detection approach using blockchain for multimicrogrid systems. IEEE Trans. Syst. Man Cybern. Syst. 49(8), 1720–1730 (2019)


  54. Kanth, V., McAbee, A., Tummala, M., McEachen, J.C.: Collaborative intrusion detection leveraging blockchain and pluggable authentication modules. In: proceedings of HICSS 1-7 (2020)

  55. Lamb, C.C., Heileman, G.L.: Towards robust trust in software defined networks. GLOBECOM Workshops, pp. 166-171 (2014)

  56. Yan, Z., Zhang, P., Vasilakos, A.V.: A security and trust framework for virtualized networks and software-defined networking. Security and Communication Networks 9(16), 3059–3069 (2016)


  57. Meng, W., Raymond Choo, K.K., Furnell, S., Vasilakos, A.V., Probst, C.W.: Towards Bayesian-based trust management for insider attacks in healthcare software-defined networks. IEEE Trans. Netw. Service Manag. 15(2), 761–773 (2018)


  58. Zhang, D., Yu, F.R., Yang, R., Tang, H.: A Deep Reinforcement Learning-based Trust Management Scheme for Software-defined Vehicular Networks. DIVANet@MSWiM, pp. 1-7 (2018)

  59. Steichen, M., Hommes, S., State, R.: ChainGuard–A firewall for blockchain applications using SDN with OpenFlow. In: Proceedings of IPTComm, pp. 1-8 (2017)

  60. Ujjan, R.M.A., Pervez, Z., Dahal, K.P.: Snort Based Collaborative Intrusion Detection System Using Blockchain in SDN. In: Proceedings of SKIMA, pp. 1-8 (2019)

  61. Li, W., Wang, Y., Meng, W., Li, J., Su, C.: BlockCSDN: towards Blockchain-based collaborative intrusion detection in software defined networking. IEICE Trans. Inf. Syst. 105–D(2), 272–279 (2022)


  62. Open vSwitch, an open virtual switch. http://openvswitch.org/ (Access on September 2022)

  63. The POX Controller, https://github.com/noxrepo/pox/ (Access on October 2022)

  64. Snort: An open source network intrusion prevention and detection system (IDS/IPS). Homepage: http://www.snort.org/

  65. NetScanTools. https://www.netscantools.com/nstpro_packet_generator.html. (Access on July 2022)

  66. Chiu, W.Y., Meng, W.: BlockFW–towards blockchain-based rule-sharing firewall. In: The 16th SECURWARE, pp. 70-75 (2022)


Acknowledgements

This work was funded by the National Natural Science Foundation of China (NSFC) Grant No. 62102106.

Author information

Corresponding author

Correspondence to Wenjuan Li.

Ethics declarations

Conflict of interest

All authors declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

A preliminary version of this paper has been presented at The 14th International Conference on Network and System Security (NSS), pp. 261–276, 2020 [1].

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.


About this article


Cite this article

Li, W., Wang, Y. & Li, J. A blockchain-enabled collaborative intrusion detection framework for SDN-assisted cyber-physical systems. Int. J. Inf. Secur. 22, 1219–1230 (2023). https://doi.org/10.1007/s10207-023-00687-x


  • DOI: https://doi.org/10.1007/s10207-023-00687-x
