Abstract
The sophistication of the recent cloud computing systems has made them more vulnerable to intelligent cyber attacks. Moreover, it is becoming very difficult for a single intrusion detection system (IDS) to detect all existing attacks, due to limited knowledge about such attacks’ patterns and implications. Recent works in cloud security have shown that cooperation among cloud-based IDSs can enhance their accuracy. However, there are two main challenges associated with the existing cooperative IDSs, which are related to trust and fairness assurance. To tackle these challenges, we propose in this paper a cooperative cloud-based IDS framework that (1) enables IDSs to distributively form trustworthy IDSs communities by advancing a trust-based hedonic coalitional game, which allows IDSs to increase their individual detection accuracy in the presence of untrusted IDSs and (2) formulates a fairness assurance mechanism as a Stackelberg game between the well-behaving IDSs and the selfish ones that frequently send consultation requests to other IDSs, and at the same do not answer other IDSs’ consultation requests. Experimental results show the effectiveness of the proposed approach in terms of enhancing the accuracy of detection and achieving the fairness among IDSs in terms of benefits obtained through cooperation.
Similar content being viewed by others
References
Man ND, Huh E-N (2012) A collaborative intrusion detection system framework for cloud computing. In: Proceedings of the international conference on IT convergence and security 2011. Springer, pp 91–109
Singh D, Patel D, Borisaniya B, Modi C (2016) Collaborative ids framework for cloud. International Journal of Network Security 18(4):699–709
Ghribi S (2016) Distributed and cooperative intrusion detection in cloud networks. In: Proceedings of the doctoral symposium of the 17th international middleware conference. ACM, p 7
Fung CJ, Zhu Q (2016) Facid: a trust-based collaborative decision framework for intrusion detection networks. Ad Hoc Netw 53:17–31
Fung CJ, Lam DY, Boutaba R (2014) Revmatch: an efficient and robust decision model for collaborative malware detection. In: Network operations and management symposium (NOMS), 2014 IEEE. IEEE, pp 1–9
Chiba Z, Abghour N, Moussaid K, Rida M, et al. (2016) A cooperative and hybrid network intrusion detection framework in cloud computing based on snort and optimized back propagation neural network. Procedia Computer Science 83:1200–1206
Al-Mousa Z, Nasir Q (2015) cl-cidps: a cloud computing based cooperative intrusion detection and prevention system framework. In: International conference on future network systems and security. Springer, pp 181–194
Kholidy HA, Baiardi F (2012) Cids: a framework for intrusion detection in cloud systems. In: 2012 ninth international conference on information technology: New generations (ITNG). IEEE, pp 379–385
Ray D (2007) A game-theoretic perspective on coalition formation. Oxford University Press, London
Shafer G (1992) Dempster-shafer theory. Encyclopedia of artificial intelligence, pp 330–331
Von Stackelberg H (2010) Market structure and equilibrium. Springer Science & Business Media, Berlin
Abusitta A, Bellaiche M, Dagenais M (2018) A trust-based game theoretical model for cooperative intrusion detection in multi-cloud environments. In: 2018 21st conference on innovation in clouds, internet and networks and workshops (ICIN). IEEE, pp 1–8
Modi C, Patel D, Borisaniya B, Patel H, Patel A, Rajarajan M (2013) A survey of intrusion detection techniques in cloud. J Netw Comput Appl 36(1):42–57
Lo C-C, Huang C-C, Ku J (2010) A cooperative intrusion detection system framework for cloud computing networks. In: 2010 39th international conference on parallel processing workshops (ICPPW). IEEE, pp 280–284
Teng S, Zheng C, Zhu H, Liu D, Zhang W (2014) A cooperative intrusion detection model for cloud computing networks. International Journal of Security and its Applications 8(3):107–118
Dermott Á, Qi S, Kifayat K (2015) Collaborative intrusion detection in federated cloud environments. Int J Comput Sci Appl 3(3A):10–20
Locasto ME, Parekh JJ, Keromytis AD, Stolfo SJ (2005) Towards collaborative security and p2p intrusion detection. In: Information assurance workshop, 2005. IAW’05. Proceedings from the sixth annual IEEE SMC. IEEE, pp 333–339
Cordero CG, Vasilomanolakis E, Mühlhäuser M, Fischer M (2015) Community-based collaborative intrusion detection. In: Securecomm, pp 665–681
Yegneswaran V, Barford P, Jha S (2004) Global intrusion detection in the domino overlay system. In: NDSS
Cai M, Hwang K, Kwok Y-K, Song S, Chen Y (2005) Collaborative internet worm containment. IEEE Secur Priv 3(3):25–33
Liu X, Zhu P, Zhang Y, Chen K (2015) A collaborative intrusion detection mechanism against false data injection attack in advanced metering infrastructure. IEEE Trans Smart Grid 6(5):2435–2443
Patel A, Alhussian H, Pedersen JM, Bounabat B, Júnior JC, Katsikas S (2017) A nifty collaborative intrusion detection and prevention architecture for smart grid ecosystems. Comput Secur 64:92–109
Huang N-F, Wang C, Liao I-J, Lin C-W, Kao C-N (2015) An openflow-based collaborative intrusion prevention system for cloud networking. In: 2015 IEEE international conference on communication software and networks (ICCSN). IEEE, pp 85–92
Sedjelmaci H, Senouci SM (2015) An accurate and efficient collaborative intrusion detection framework to secure vehicular networks. Comput Electr Eng 43:33–47
Zhu Q, Fung C, Boutaba R, Basar T (2009) A game-theoretical approach to incentive design in collaborative intrusion detection networks. In: International conference on game theory for networks, 2009. Gamenets’ 09. IEEE, pp 384–392
Zhu Q, Fung C, Boutaba R, Basar T (2012) Guidex: a game-theoretic incentive-based mechanism for intrusion detection networks. IEEE J Sel Areas Commun 30(11):2220–2230
Fung C, Zhu Q, Boutaba R, Başar T (2011) Smurfen: a system framework for rule sharing collaborative intrusion detection. In: Proceedings of the 7th international conference on network and services management. International Federation for Information Processing, pp 248–253
Zhu Q, Fung C, Boutaba R, Başar T (2011) A game-theoretic approach to rule sharing mechanism in networked intrusion detection systems: robustness, incentives and security. In: 2011 50th IEEE conference on decision and control and European control conference (CDC-ECC). IEEE, pp 243–248
Hassan MM, Abdullah-Al-Wadud M, Almogren A, Rahman SK, Alelaiwi A, Alamri A, Hamid Md, et al. (2015) Qos and trust-aware coalition formation game in data-intensive cloud federations. Concurrency and computation: practice and experience
Grivas SG, Kumar TU, Wache H (2010) Cloud broker: bringing intelligence into the cloud. In: 2010 IEEE 3rd international conference on cloud computing (CLOUD). IEEE, pp 544–545
Wahab OA, Bentahar J, Otrok H, Mourad A (2018) Towards trustworthy multi-cloud services communities: a trust-based hedonic coalitional game. IEEE Trans Serv Comput 11(1):184–201
Josang A, Ismail R (2002) The beta reputation system. In: Proceedings of the 15th bled electronic commerce conference, vol 5, pp 2502–2511
Yahyaoui H (2012) A trust-based game theoretical model for web services collaboration. Knowl-Based Syst 27:162–169
Bogomolnaia A, Jackson MO (2002) The stability of hedonic coalition structures. Games Econom Behav 38(2):201–230
Dreze JH, Greenberg J (1980) Hedonic coalitions: optimality and stability. Econometrica: Journal of the Econometric Society, pp 987–1003
Wahab OA, Bentahar J, Otrok H, Mourad A (2017) Optimal load distribution for the detection of vm-based ddos attacks in the cloud. IEEE transactions on services computing
Apt KR, Witzel A (2009) A generic approach to coalition formation. International Game Theory Review 11(03):347–367
Sandholm T, Larson K, Andersson M, Shehory O, Tohmé F (1999) Coalition structure generation with worst case guarantees. Artif Intell 111(1-2):209–238
Guazzone M, Anglano C, Sereno M (2014) A game-theoretic approach to coalition formation in green cloud federations. In: 2014 14th IEEE/ACM international symposium on cluster, cloud and grid computing (CCGrid). IEEE, pp 618–625
Sinha PK (1998) Distributed operating systems: concepts and design. PHI Learning Pvt Ltd
Wooldridge M (2009) An introduction to multiagent systems. Wiley, New York
Kshemkalyani AD, Singhal M (2011) Distributed computing: principles, algorithms, and systems. Cambridge University Press, Cambridge
Saad W, Han Z, Basar T, Debbah M, Hjorungnes A (2011) Hedonic coalition formation for distributed task allocation among wireless agents. IEEE Trans Mob Comput 10(9):1327–1344
Liu Y, Sun YL, Liu S, Kot AC (2013) Securing online reputation systems through dempster-shafer theory based trust model. IEEE transactions on information forensics and security, 8(6)
Wei Z, Tang H, Yu FR, Wang M, Mason P (2014) Security enhancements for mobile ad hoc networks with trust management using uncertain reasoning. IEEE Trans Veh Technol 63(9):4647–4658
Liu S, Kot AC, Miao C, Theng Y-L (2012) A dempster-shafer theory based witness trustworthiness model. In: Proceedings of the 11th international conference on autonomous agents and multiagent systems-volume 3. International foundation for autonomous agents and multiagent systems, pp 1361–1362
Bu S, Yu FR, Liu X, Mason P, Tang H (2011) Distributed combined authentication and intrusion detection with data fusion in high-security mobile ad hoc networks. IEEE Trans Veh Technol 60(3):1025–1036
Yu B, Singh MP (2002) An evidential model of distributed reputation management. In: Proceedings of the first international joint conference on autonomous agents and multiagent systems: Part 1. ACM, pp 294–301
Rashidi B, Fung C, Bertino E (2017) A collaborative ddos defence framework using network function virtualization. IEEE Trans Inf Forensics Secur 12(10):2483–2497
Wahab OA, Bentahar J, Otrok H, Mourad A (2015) A survey on trust and reputation models for web services: single, composite, and communities. Decis Support Syst 74:121–134
Fung C, Zhang J, Aib I, Boutaba R (2009) Robust and scalable trust management for collaborative intrusion detection. In: IFIP/IEEE international symposium on integrated network management, 2009. IM ’09. IEEE, pp 33–40
Funding
The financial support of the Natural Sciences and Engineering Research Council of Canada is gratefully acknowledged.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Abusitta, A., Bellaiche, M. & Dagenais, M. Multi-cloud cooperative intrusion detection system: trust and fairness assurance. Ann. Telecommun. 74, 637–653 (2019). https://doi.org/10.1007/s12243-019-00724-8
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12243-019-00724-8