Advertisement

Towards Trust-Aware Collaborative Intrusion Detection: Challenges and Solutions

  • Emmanouil Vasilomanolakis
  • Sheikh Mahbub Habib
  • Pavlos Milaszewicz
  • Rabee Sohail Malik
  • Max Mühlhäuser
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 505)

Abstract

Collaborative Intrusion Detection Systems (CIDSs) are an emerging field in cyber-security. In such an approach, multiple sensors collaborate by exchanging alert data with the goal of generating a complete picture of the monitored network. This can provide significant improvements in intrusion detection and especially in the identification of sophisticated attacks. However, the challenge of deciding to which extend a sensor can trust others, has not yet been holistically addressed in related work. In this paper, we firstly propose a set of requirements for reliable trust management in CIDSs. Afterwards, we carefully investigate the most dominant CIDS trust schemes. The main contribution of the paper is mapping the results of the analysis to the aforementioned requirements, along with a comparison of the state of the art. Furthermore, this paper identifies and discusses the research gaps and challenges with regard to trust and CIDSs.

Keywords

Intrusion Detection System Trust Management Trust Level Initial Trust Computational Trust 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Notes

Acknowledgments

This work has received funding from the European Union’s Horizon 2020 Research and Innovation Program, PROTECTIVE, under Grant Agreement No 700071.

References

  1. 1.
    Duma, C., Karresand, M., Shahmehri, N., Caronni, G.: A trust-aware, P2P-based overlay for intrusion detection. In: 17th International Workshop on Database and Expert Systems Applications, DEXA 2006, September 2006Google Scholar
  2. 2.
    Fung, C., Zhang, J., Aib, I., Boutaba, R.: Trust management and admission control for host-based collaborative intrusion detection. J. Netw. Syst. Manag. 19, 257–277 (2011)CrossRefGoogle Scholar
  3. 3.
    Fung, C.: Collaborative intrusion detection networks and insider attacks. J. Wireless Mob. Netw. Ubiquit. Comput. Dependable Appl. 2(1), 63–74 (2011)Google Scholar
  4. 4.
    Fung, C.J., Zhang, J., Aib, I., Boutaba, R.: Dirichlet-based trust management for effective collaborative intrusion detection networks. IEEE Trans. Netw. Serv. Manag. 8(2), 79–91 (2011)CrossRefGoogle Scholar
  5. 5.
    Habib, S.M., Volk, F., Hauke, S., Mühlhäuser, M.: Computational trust methods for security quantification in the cloud ecosystem. In: The Cloud Security Ecosystem - Technical, Legal, Business and Management Issues, pp. 463–493. Syngress (2015)Google Scholar
  6. 6.
    Mitchell, R., Chen, I.R.: A survey of intrusion detection techniques for cyber-physical systems. ACM Comput. Surv. (CSUR) 46(4), 55 (2014)CrossRefGoogle Scholar
  7. 7.
    Ortega, F.J., Troyano, J.A., Cruz, F.L., Vallejo, C.G., Enríquez, F.: Propagation of trust and distrust for the detection of trolls in a social network. Comput. Netw. 56(12), 2884–2895 (2012)CrossRefGoogle Scholar
  8. 8.
    Pérez, M.G., Mármol, F.G., Pérez, G.M., Skarmeta Gómez, A.F.: Building a reputation-based bootstrapping mechanism for newcomers in collaborative alert systems. J. Comput. Syst. Sci. 80, 571–590 (2014)CrossRefzbMATHGoogle Scholar
  9. 9.
    Pérez, M.G., Tapiador, J.E., Clark, J.A., Pérez, G.M., Skarmeta Gómez, A.F.: Trustworthy placements: Improving quality and resilience in collaborative attack detection. Comput. Netw. 58, 70–86 (2014)CrossRefGoogle Scholar
  10. 10.
    Vasilomanolakis, E., Karuppayah, S., Mühlhäuser, M., Fischer, M.: Taxonomy and survey of collaborative intrusion detection. ACM Comput. Surv. 47(4), 33 (2015)CrossRefGoogle Scholar
  11. 11.
    Yu, B., Singh, M.: Detecting deception in reputation management. In: Proceedings of the Second International Joint Conference on Autonomous Agents and Multiagent Systems (2003)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2017

Authors and Affiliations

  • Emmanouil Vasilomanolakis
    • 1
  • Sheikh Mahbub Habib
    • 1
  • Pavlos Milaszewicz
    • 1
  • Rabee Sohail Malik
    • 1
  • Max Mühlhäuser
    • 1
  1. 1.Telecooperation GroupTechnische Universität DarmstadtDarmstadtGermany

Personalised recommendations