
A Framework of Blockchain-Based Collaborative Intrusion Detection in Software Defined Networking

  • Conference paper
Network and System Security (NSS 2020)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 12570)


Abstract

To protect network assets from various cyber intrusions and to fit distributed environments such as the Internet of Things (IoT), collaborative intrusion detection systems (CIDSs) are widely implemented, allowing each detection node to exchange required data and information. This aims to improve detection performance against some complicated attacks. In recent years, software defined networking (SDN) has been developing rapidly; it can reduce network complexity by separating the controller plane from the forwarding plane. In this way, the controller can manage the whole network without knowing the underlying structure and devices. To identify underlying malicious nodes or devices, CIDSs are still an important solution for securing SDN, but they might be vulnerable to insider threats, in which an attacker behaves maliciously inside the network. In this work, we focus on this issue and advocate the merit of combining trust management and blockchain technology. Trust management can help evaluate the trustworthiness of each node, and blockchain technology can allow communication without a trusted party while ensuring the integrity of shared data. We then introduce a general framework of blockchain-based collaborative intrusion detection in SDN. In the study, we take challenge-based CIDS as a case and evaluate the performance of our framework under both external and internal attacks. Our results indicate the viability and effectiveness of our framework.



Acknowledgments

This work was partially supported by National Natural Science Foundation of China (No. 61802080 and 61802077).

Author information


Corresponding author

Correspondence to Yu Wang.


Copyright information

© 2020 Springer Nature Switzerland AG

About this paper


Cite this paper

Li, W., Tan, J., Wang, Y. (2020). A Framework of Blockchain-Based Collaborative Intrusion Detection in Software Defined Networking. In: Kutyłowski, M., Zhang, J., Chen, C. (eds) Network and System Security. NSS 2020. Lecture Notes in Computer Science, vol 12570. Springer, Cham. https://doi.org/10.1007/978-3-030-65745-1_15


  • DOI: https://doi.org/10.1007/978-3-030-65745-1_15


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-65744-4

  • Online ISBN: 978-3-030-65745-1

  • eBook Packages: Computer Science (R0)
