Enhancing collaborative intrusion detection networks using intrusion sensitivity in detecting pollution attacks. (11th July 2016)
- Record Type:
- Journal Article
- Title:
- Enhancing collaborative intrusion detection networks using intrusion sensitivity in detecting pollution attacks. (11th July 2016)
- Main Title:
- Enhancing collaborative intrusion detection networks using intrusion sensitivity in detecting pollution attacks
- Authors:
- Li, Wenjuan
Meng, Weizhi
- Abstract:
- Purpose: This paper aims to propose and evaluate an intrusion sensitivity (IS)-based approach regarding the detection of pollution attacks in collaborative intrusion detection networks (CIDNs) based on the observation that each intrusion detection system may have different levels of sensitivity in detecting specific types of intrusions. Design/methodology/approach: In this work, the authors first introduce their adopted CIDN framework and a newly designed aggregation component, which aims to collect feedback, aggregate alarms and identify important alarms. The authors then describe the details of trust computation and alarm aggregation. Findings: The evaluation on the simulated pollution attacks indicates that the proposed approach is more effective in detecting malicious nodes and reducing the negative impact on alarm aggregation as compared to similar approaches. Research limitations/implications: More efforts can be made in improving the mapping of the satisfaction level, enhancing the allocation, evaluation and update of IS and evaluating the trust models in a large-scale network. Practical implications: This work investigates the effect of the proposed IS-based approach in defending against pollution attacks. The results would be of interest for security specialists in deciding whether to implement such a mechanism for enhancing CIDNs. Originality/value: The experimental results demonstrate that the proposed approach is more effective in decreasing the trust values of malicious nodes and reducing the impact of pollution attacks on the accuracy of alarm aggregation as compared to similar approaches.
- Is Part Of:
- Information and computer security. Volume 24:Number 3(2016)
- Journal:
- Information and computer security
- Issue:
- Volume 24:Number 3(2016)
- Issue Display:
- Volume 24, Issue 3 (2016)
- Year:
- 2016
- Volume:
- 24
- Issue:
- 3
- Issue Sort Value:
- 2016-0024-0003-0000
- Page Start:
- 265
- Page End:
- 276
- Publication Date:
- 2016-07-11
- Subjects:
- CIDN -- Intrusion detection -- Trust computation
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47
- Journal URLs:
- http://www.emeraldinsight.com/loi/ics
http://www.emeraldinsight.com/
- DOI:
- 10.1108/ICS-12-2014-0077
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 8709.xml