Robust and scalable trust management for collaborative intrusion detection

Authors:
Carol J. Fung;Jie Zhang;Issam Aib;Raouf Boutaba
Affiliations:
David R. Cheriton School of Computer Science, University of Waterloo, Waterloo, ON, Canada;David R. Cheriton School of Computer Science, University of Waterloo, Waterloo, ON, Canada;David R. Cheriton School of Computer Science, University of Waterloo, Waterloo, ON, Canada;David R. Cheriton School of Computer Science, University of Waterloo, Waterloo, ON, Canada
Venue:
IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
Year:
2009

Citing 8
Cited 4

Artificial intelligence: a modern approach

Artificial intelligence: a modern approach
Reputation systems

Communications of the ACM
The Sybil Attack

IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Detecting deception in reputation management

AAMAS '03 Proceedings of the second international joint conference on Autonomous agents and multiagent systems
Indra: A peer-to-peer approach to network intrusion detection and prevention

WETICE '03 Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Trusting advice from other buyers in e-marketplaces: the problem of unfair ratings

ICEC '06 Proceedings of the 8th international conference on Electronic commerce: The new e-commerce: innovations for conquering current barriers, obstacles and limitations to conducting successful business on the internet
A Trust-Aware, P2P-Based Overlay for Intrusion Detection

DEXA '06 Proceedings of the 17th International Conference on Database and Expert Systems Applications
Towards scalable and robust distributed intrusion alert fusion with good load balancing

Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense

A game-theoretical approach to incentive design in collaborative intrusion detection network

GameNets'09 Proceedings of the First ICST international conference on Game Theory for Networks
Trust Management and Admission Control for Host-Based Collaborative Intrusion Detection

Journal of Network and Systems Management
SMURFEN: a system framework for rule sharing collaborative intrusion detection

Proceedings of the 7th International Conference on Network and Services Management
Game theory meets network security and privacy

ACM Computing Surveys (CSUR)

Quantified Score

Hi-index	0.00

Visualization

Abstract

The accuracy of detecting intrusions within an Intrusion Detection Network (IDN) depends on the efficiency of collaboration between the peer Intrusion Detection Systems (IDSes) as well as the security itself of the IDN against insider threats. In this paper, we study host-based IDNs and introduce a Dirichlet-based model to measure the level of trustworthiness among peer IDSes according to their mutual experience. The model has strong scalability properties and is robust against common insider threats, such as a compromised or malfunctioning peer. We evaluate our system based on a simulated collaborative host-based IDS network. The experimental results demonstrate the improved robustness, efficiency, and scalability of our system in detecting intrusions in comparison with existing models.