Trust Management for Host-Based Collaborative Intrusion Detection

Authors:
Carol J. Fung;Olga Baysal;Jie Zhang;Issam Aib;Raouf Boutaba
Affiliations:
David R. Cheriton School of Computer Science, University of Waterloo, Canada;David R. Cheriton School of Computer Science, University of Waterloo, Canada;David R. Cheriton School of Computer Science, University of Waterloo, Canada;David R. Cheriton School of Computer Science, University of Waterloo, Canada;David R. Cheriton School of Computer Science, University of Waterloo, Canada
Venue:
DSOM '08 Proceedings of the 19th IFIP/IEEE international workshop on Distributed Systems: Operations and Management: Managing Large-Scale Service Deployment
Year:
2008

Citing 7
Cited 2

Reputation systems

Communications of the ACM
Code-Red: a case study on the spread and victims of an internet worm

Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
The Sybil Attack

IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Indra: A peer-to-peer approach to network intrusion detection and prevention

WETICE '03 Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Trusting advice from other buyers in e-marketplaces: the problem of unfair ratings

ICEC '06 Proceedings of the 8th international conference on Electronic commerce: The new e-commerce: innovations for conquering current barriers, obstacles and limitations to conducting successful business on the internet
A Trust-Aware, P2P-Based Overlay for Intrusion Detection

DEXA '06 Proceedings of the 17th International Conference on Database and Expert Systems Applications
Towards scalable and robust distributed intrusion alert fusion with good load balancing

Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense

SMURFEN: a system framework for rule sharing collaborative intrusion detection

Proceedings of the 7th International Conference on Network and Services Management
Game theory meets network security and privacy

ACM Computing Surveys (CSUR)

Quantified Score

Hi-index	0.00

Visualization

Abstract

The accuracy of detecting an intrusion within a network of intrusion detection systems (IDSes) depends on the efficiency of collaboration between member IDSes. The security itself within this network is an additional concern that needs to be addressed. In this paper, we present a trust-based framework for secure and effective collaboration within an intrusion detection network (IDN). In particular, we define a trust model that allows each IDS to evaluate the trustworthiness of others based on personal experience. We prove the correctness of our approach in protecting the IDN. Additionally, experimental results demonstrate that our system yields a significant improvement in detecting intrusions. The trust model further improves the robustness of the collaborative system against malicious attacks.