Skip to main content
SpringerLink
Log in
Book cover

International Conference on Green, Pervasive, and Cloud Computing

GPC 2017: Green, Pervasive, and Cloud Computing pp 402–415Cite as

SOOA: Exploring Special On-Off Attacks on Challenge-Based Collaborative Intrusion Detection Networks

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 10232))

Abstract

The development of collaborative intrusion detection networks (CIDNs) aims to enhance the performance of a single intrusion detection system (IDS), through communicating and collecting information from other IDS nodes. To defend CIDNs against insider attacks, trust-based mechanisms are crucial for evaluating the trustworthiness of a node. In the literature, challenge-based trust mechanisms are well established to identify malicious nodes by identifying the deviation between challenges and responses. However, such mechanisms rely on two major assumptions, which may result in a weak threat model and render CIDNs still vulnerable to advanced insider attacks in a practical deployment. In this paper, our motivation is to investigate the effect of On-Off attacks on challenge-based CIDNs. In particular, as a study, we explore a special On-Off attack (called SOOA), which can keep responding normally to one node while acting abnormally to another node. In the evaluation, we explore the attack performance under simulated CIDN environments. Experimental results indicate that our attack can interfere the effectiveness of trust computation for CIDN nodes.

W. Meng—The author was previously known as Yuxin Meng.

This is a preview of subscription content, log in via an institution.

References

  1. Cho, J.-H., Chan, K., Adali, S.: A survey on trust modeling. ACM Comput. Surv. 48(2), Article 28, 40 p, October 2015

    Google Scholar 

  2. Douceur, J.R.: The sybil attack. In: Druschel, P., Kaashoek, F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002). doi:10.1007/3-540-45748-8_24

    Chapter  Google Scholar 

  3. Duma, C., Karresand, M., Shahmehri, N., Caronni, G.: A trust-aware, P2P-based overlay for intrusion detection. In: DEXA Workshop, pp. 692–697 (2006)

    Google Scholar 

  4. Fung, C.J., Baysal, O., Zhang, J., Aib, I., Boutaba, R.: Trust management for host-based collaborative intrusion detection. In: Turck, F., Kellerer, W., Kormentzas, G. (eds.) DSOM 2008. LNCS, vol. 5273, pp. 109–122. Springer, Heidelberg (2008). doi:10.1007/978-3-540-87353-2_9

    Chapter  Google Scholar 

  5. Fung, C.J., Zhang, J., Aib, I., Boutaba, R.: Robust and scalable trust management for collaborative intrusion detection. In: Proceedings of the 11th IFIP/IEEE International Conference on Symposium on Integrated Network Management (IM), pp. 33–40 (2009)

    Google Scholar 

  6. Fung, C.J., Boutaba, R.: Design and management of collaborative intrusion detection networks. In: Proceedings of the 2013 IFIP/IEEE International Symposium on Integrated Network Management (IM), pp. 955–961 (2013)

    Google Scholar 

  7. Gong, F.: Next generation intrusion detection systems (IDS). McAfee Network Security Technologies Group (2003)

    Google Scholar 

  8. Li, W., Meng, Y., Kwok, L.-F.: Enhancing trust evaluation using intrusion sensitivity in collaborative intrusion detection networks: feasibility and challenges. In: Proceedings of the 9th International Conference on Computational Intelligence and Security (CIS), pp. 518–522. IEEE (2013)

    Google Scholar 

  9. Li, W., Meng, W., Kwok, L.-F.: Design of intrusion sensitivity-based trust management model for collaborative intrusion detection networks. In: Zhou, J., Gal-Oz, N., Zhang, J., Gudes, E. (eds.) IFIPTM 2014. IAICT, vol. 430, pp. 61–76. Springer, Heidelberg (2014). doi:10.1007/978-3-662-43813-8_5

    Google Scholar 

  10. Li, W., Meng, W.: Enhancing collaborative intrusion detection networks using intrusion sensitivity in detecting pollution attacks. Inf. Comput. Secur. 24(3), 265–276 (2016). Emerald

    Article  Google Scholar 

  11. Li, W., Meng, Y., Kwok, L.-F., Ip, H.H.S.: PMFA: toward passive message fingerprint attacks on challenge-based collaborative intrusion detection networks. In: Chen, J., Piuri, V., Su, C., Yung, M. (eds.) NSS 2016. LNCS, vol. 9955, pp. 433–449. Springer, Cham (2016). doi:10.1007/978-3-319-46298-1_28

    Chapter  Google Scholar 

  12. Li, W., Meng, Y., Kwok, L.-F., Ip, H.H.S.: Enhancing collaborative intrusion detection networks against insider attacks using supervised intrusion sensitivity-based trust management model. J. Netw. Comput. Appl. 77, 135–145 (2017). Elsevier

    Article  Google Scholar 

  13. Meng, Y., Li, W., Xiang, Y., Choo, K.-K.R.: A bayesian inference-based detection mechanism to defend medical smartphone networks against insider attacks. J. Netw. Comput. Appl. 78, 162–169 (2017)

    Article  Google Scholar 

  14. Perrone, L.P., Nelson, S.C.: A study of on-off attack models for wireless ad hoc networks. In: Proceedings of the 2006 Workshop on Operator-Assisted Community Networks, pp. 1–10 (2006)

    Google Scholar 

  15. Scarfone, K., Mell, P.: NIST Special Publication 800–94, Guide to Intrusion Detection and Prevention Systems (IDPS) (2007)

    Google Scholar 

  16. Snort: An an open source network intrusion prevention and detection system (IDS/IPS). http://www.snort.org/

  17. Wu, Y.-S., Foo, B., Mei, Y., Bagchi, S.: Collaborative intrusion detection system (CIDS): a framework for accurate and efficient IDS. In: Proceedings of the 2003 Annual Computer Security Applications Conference (ACSAC), pp. 234–244 (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, City University of Hong Kong, Kowloon Tong, Hong Kong

    Wenjuan Li & Lam-For Kwok

  2. Department of Applied Mathematics and Computer Science, Technical University of Denmark, Kongens Lyngby, Denmark

    Weizhi Meng

Authors
  1. Wenjuan Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Weizhi Meng
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Lam-For Kwok
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Weizhi Meng .

Editor information

Editors and Affiliations

  1. Hong Kong Polytechnic University, Hong Kong, Hong Kong

    Man Ho Allen Au

  2. University of Salerno, Fisciano, Italy

    Arcangelo Castiglione

  3. University of Texas at San Antonio, San Antonio, Texas, USA

    Kim-Kwang Raymond Choo

  4. University of Salerno, Fisciano, Italy

    Francesco Palmieri

  5. Providence University, Taichung City, Taiwan

    Kuan-Ching Li

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Li, W., Meng, W., Kwok, LF. (2017). SOOA: Exploring Special On-Off Attacks on Challenge-Based Collaborative Intrusion Detection Networks. In: Au, M., Castiglione, A., Choo, KK., Palmieri, F., Li, KC. (eds) Green, Pervasive, and Cloud Computing. GPC 2017. Lecture Notes in Computer Science(), vol 10232. Springer, Cham. https://doi.org/10.1007/978-3-319-57186-7_30

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-57186-7_30

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-57185-0

  • Online ISBN: 978-3-319-57186-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation