EnergyCIDN: Enhanced Energy-Aware Challenge-Based Collaborative Intrusion Detection in Internet of Things

  • Conference paper
Algorithms and Architectures for Parallel Processing (ICA3PP 2022)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13777)

Abstract

With cyber attacks becoming more complex and advanced, a separate intrusion detection system (IDS) is believed to be insufficient for protecting an entire computer network. Thus, collaborative intrusion detection networks (CIDNs) have been proposed to improve detection performance by allowing various nodes to share required information or messages with other nodes. To defeat insider threats during the sharing process (e.g., malicious information), trust management is a necessary security mechanism for CIDNs. Challenge-based CIDNs are a typical example: they send a special kind of message, called a challenge, to evaluate the reputation of a node. Previous work has proven that challenge-based CIDNs can defeat most common insider threats, but they may still suffer from some advanced insider threats, e.g., the passive message fingerprint attack (PMFA). In this work, we develop EnergyCIDN, an enhanced challenge-based CIDN that adopts an energy-aware trust management model against advanced insider attacks. In the evaluation, we study the performance of EnergyCIDN under both simulated and practical Internet of Things (IoT) environments. The results demonstrate that EnergyCIDN can perform better than many similar schemes in identifying advanced malicious nodes.

Notes

  1. It is also known as distributed intrusion detection system (DIDS) or collaborative intrusion detection system (CIDS).

  2. Marginal distribution of a subset of random variables is the probability distribution of the variables contained in the subset.

Acknowledgments

This work was partially supported by the start-up fund in the Department of Electronic and Information Engineering, The Hong Kong Polytechnic University.

Author information

Corresponding author

Correspondence to Wenjuan Li.

Copyright information

© 2023 Springer Nature Switzerland AG

About this paper

Cite this paper

Li, W., Rosenberg, P., Glisby, M., Han, M. (2023). EnergyCIDN: Enhanced Energy-Aware Challenge-Based Collaborative Intrusion Detection in Internet of Things. In: Meng, W., Lu, R., Min, G., Vaidya, J. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2022. Lecture Notes in Computer Science, vol 13777. Springer, Cham. https://doi.org/10.1007/978-3-031-22677-9_16

  • DOI: https://doi.org/10.1007/978-3-031-22677-9_16

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-22676-2

  • Online ISBN: 978-3-031-22677-9

  • eBook Packages: Computer Science, Computer Science (R0)
