Identifying Passive Message Fingerprint Attacks via Honey Challenge in Collaborative Intrusion Detection Networks

Research output: Chapters, Conference Papers, Creative and Literary Works (RGC: 12, 32, 41, 45)32_Refereed conference paper (with ISBN/ISSN)

2 Scopus Citations
View graph of relations

Author(s)

Related Research Unit(s)

Detail(s)

Original languageEnglish
Title of host publicationProceedings - 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications and 12th IEEE International Conference on Big Data Science and Engineering
PublisherIEEE
Pages1208-1213
ISBN (Electronic)978-1-5386-4388-4
Publication statusPublished - Jul 2018

Conference

Title17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications and 12th IEEE International Conference on Big Data Science and Engineering (2018 IEEE Trustcom/BigDataSE)
PlaceUnited States
CityNew York
Period31 July - 3 August 2018

Abstract

To enhance the detection capability of a single intrusion detection system (IDS), collaborative intrusion detection networks (CIDNs) have been exploited and developed via enabling a set of IDS nodes to exchange information with each other. In CIDNs, challenge-based trust mechanism has been considered as one promising solution to identify malicious nodes by evaluating the satisfaction levels between challenges and responses. However, such mechanism is still vulnerable to some advanced insider attacks like passive message fingerprint attack (PMFA), which is deemed as an advanced attack on challenge-based CIDNs by collecting messages and identifying normal requests in a passive way. In this work, we focus on PMFA and design Honey Challenge, an improved challenge mechanism for challenge-based CIDNs characterized by sending challenges in a similar way of sending normal requests, in such a way malicious nodes cannot accurately identify the normal requests. In the evaluation, we investigate the attack performance under both simulated and real network environments. Experimental results demonstrate that our proposed mechanism can identify malicious nodes under PMFA and decrease their trust values in a quick manner.

Research Area(s)

  • Challenge-based Mechanism, Collaborative Environment, Insider Threat, Intrusion Detection, Passive Message Fingerprint Attack, Trust Computation

Citation Format(s)

Identifying Passive Message Fingerprint Attacks via Honey Challenge in Collaborative Intrusion Detection Networks. / Li, Wenjuan; Meng, Weizhi; Wang, Yu; Kwok, Lam For; Lu, Rongxing.

Proceedings - 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications and 12th IEEE International Conference on Big Data Science and Engineering. IEEE, 2018. p. 1208-1213 8456036.

Research output: Chapters, Conference Papers, Creative and Literary Works (RGC: 12, 32, 41, 45)32_Refereed conference paper (with ISBN/ISSN)