IDEAS home Printed from https://ideas.repec.org/a/gam/jftint/v10y2018i1p6-d125911.html
   My bibliography  Save this article

Investigating the Influence of Special On–Off Attacks on Challenge-Based Collaborative Intrusion Detection Networks

Author

Listed:
  • Wenjuan Li

    (Department of Computer Science, City University of Hong Kong, Hong Kong, China)

  • Weizhi Meng

    (Department of Applied Mathematics and Computer Science, Technical University of Denmark, 2800 Kongens Lyngby, Denmark)

  • Lam For Kwok

    (Department of Computer Science, City University of Hong Kong, Hong Kong, China)

Abstract

Intrusions are becoming more complicated with the recent development of adversarial techniques. To boost the detection accuracy of a separate intrusion detector, the collaborative intrusion detection network (CIDN) has thus been developed by allowing intrusion detection system (IDS) nodes to exchange data with each other. Insider attacks are a great threat for such types of collaborative networks, where an attacker has the authorized access within the network. In literature, a challenge-based trust mechanism is effective at identifying malicious nodes by sending challenges. However, such mechanisms are heavily dependent on two assumptions, which would cause CIDNs to be vulnerable to advanced insider attacks in practice. In this work, we investigate the influence of advanced on–off attacks on challenge-based CIDNs, which can respond truthfully to one IDS node but behave maliciously to another IDS node. To evaluate the attack performance, we have conducted two experiments under a simulated and a real CIDN environment. The obtained results demonstrate that our designed attack is able to compromise the robustness of challenge-based CIDNs in practice; that is, some malicious nodes can behave untruthfully without a timely detection.

Suggested Citation

  • Wenjuan Li & Weizhi Meng & Lam For Kwok, 2018. "Investigating the Influence of Special On–Off Attacks on Challenge-Based Collaborative Intrusion Detection Networks," Future Internet, MDPI, vol. 10(1), pages 1-16, January.
    • Handle: RePEc:gam:jftint:v:10:y:2018:i:1:p:6-:d:125911
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/10/1/6/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/1999-5903/10/1/6/
    Download Restriction: no
    ---><---

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Georgios Kambourakis & Felix Gomez Marmol & Guojun Wang, 2018. "Security and Privacy in Wireless and Mobile Networks," Future Internet, MDPI, vol. 10(2), pages 1-3, February.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:10:y:2018:i:1:p:6-:d:125911. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.