A fog-based privacy-preserving approach for distributed signature-based intrusion detection

Research output: Journal Publications and Reviews (RGC: 21, 22, 62)21_Publication in refereed journal

11 Scopus Citations
View graph of relations

Author(s)

  • Yu Wang
  • Weizhi Meng
  • Jin Li
  • Wai-Xi Liu
  • Yang Xiang

Related Research Unit(s)

Detail(s)

Original languageEnglish
Pages (from-to)26-35
Journal / PublicationJournal of Parallel and Distributed Computing
Volume122
Online published20 Jul 2018
Publication statusPublished - Dec 2018

Abstract

Intrusion detection systems (IDSs) are the frontier of defense against transmissible cyber threats that spread across distributed systems. Modern IDSs overcome the limitation of hardware processing power by offloading computation extensive operations such as signature matching to the cloud. Moreover, in order to prevent the rapid spread of transmissible cyber threats, collaborative intrusion detection schemes are widely deployed to allow distributed IDS nodes to exchange information with each other. However, no party wants to disclose their own data during the detection process, especially sensitive user data to others, even the cloud providers for privacy concerns. In this background, privacy-preserving technology has been researched in the field of intrusion detection, whereas a collaborative intrusion detection network (CIDN) environment still lacks of appropriate solutions due to its geographical distribution. With the advent of fog computing, in this paper, we propose a privacy-preserving framework for signature-based intrusion detection in a distributed network based on fog devices. The results in both simulated and real environments demonstrate that our proposed framework can help reserve the privacy of shared data, reduce the workload on the cloud side, and offer less detection delay as compared to similar approaches.

Research Area(s)

  • Cloud environment, Collaborate network, Fog computing, Intrusion detection, Privacy preserving