An Exact Consensus-Based Network Intrusion Detection System

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 10646)

Abstract

In recent work, Toulouse et al. [1] introduced a fully distributed network intrusion detection system (NIDS) based on an average consensus algorithm. In that initial work, the modules of the NIDS repeatedly average their state with the states of their neighbors to converge asymptotically to the same value, which is then used as a measurement of some relevant state of the traffic monitored network-wide. In the present work, local averaging is used to implement a finite convergence procedure for the consensus-based NIDS in [1]. We call this implementation exact consensus because local averaging computes a function of the initial NIDS states exactly, in a finite number of steps. Furthermore, unlike asymptotic consensus, which computed only the average sum function, this new distributed protocol can compute almost any function of the initial NIDS states. We perform tests that compare asymptotic consensus with this new exact consensus protocol. In particular, we compare the convergence speed of the two methods for the same pre-defined level of accuracy in the decisions computed by the intrusion detection system.
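
The contrast drawn in the abstract, as an added example that is not from the paper: six NIDS modules on a ring run the same local averaging, once until an asymptotic tolerance is met and once with a finite-step readout. The ring topology, step size, sample scores and the minimal-polynomial readout (in the style of the linear iterative strategies of [2, 3]) are assumptions; the paper's own procedure is not shown on this page.

```python
from fractions import Fraction as F

N = 6                       # assumption: six NIDS modules connected in a ring
EPS = F(1, 3)               # assumption: averaging weight W = I - EPS * L
SCORES = [F(v) for v in (12, 0, 3, 0, 1, 2)]   # constructed local measurements
# The Laplacian of a 6-cycle has eigenvalues 0, 1, 3, 4, so W has eigenvalues
# 1, 2/3, 0, -1/3. Only the non-unit ones enter the finite-step readout.
NON_UNIT_EIGS = [1 - EPS * lam for lam in (1, 3, 4)]

def step(x):
    """One round: every module averages with its two ring neighbours."""
    return [x[i] + EPS * (x[i - 1] + x[(i + 1) % N] - 2 * x[i]) for i in range(N)]

def asymptotic_rounds(x0, tol):
    """Rounds of averaging until all modules are within tol of the mean."""
    mean, x, k = sum(x0) / N, list(x0), 0
    while max(abs(v - mean) for v in x) > tol:
        x, k = step(x), k + 1
    return k

def poly_coeffs(roots):
    """Coefficients of q(t) = prod(t - r), lowest degree first."""
    c = [F(1)]
    for r in roots:
        c = [(c[j - 1] if j else 0) - r * (c[j] if j < len(c) else 0)
             for j in range(len(c) + 1)]
    return c

def exact_consensus(x0, node):
    """Mean recovered by one module from its own states at rounds 0..D."""
    c = poly_coeffs(NON_UNIT_EIGS)
    x, own = list(x0), []
    for _ in c:
        own.append(x[node])
        x = step(x)
    # q(W) x0 = q(1) * mean * ones, and q(1) is the sum of the coefficients.
    return sum(cj * v for cj, v in zip(c, own)) / sum(c), len(c) - 1

if __name__ == "__main__":
    print("asymptotic rounds for 1e-3:", asymptotic_rounds(SCORES, F(1, 1000)))
    for node in range(N):
        print(node, exact_consensus(SCORES, node))
```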

References

  1. Toulouse, M., Minh, B.Q., Curtis, P.: A consensus based network intrusion detection system. In: 2015 5th International Conference on IT Convergence and Security (ICITCS), pp. 1–6. IEEE (2015)

  2. Sundaram, S., Hadjicostis, C.N.: Distributed consensus and linear functional calculation in networks: an observability perspective. In: Proceedings of the 6th International Conference on Information Processing in Sensor Networks. IPSN 2007, pp. 99–108. ACM, New York (2007). http://doi.acm.org/10.1145/1236360.1236374

  3. Sundaram, S., Hadjicostis, C.N.: Distributed function calculation and consensus using linear iterative strategies. IEEE J. Sel. Areas Commun. 26(4), 650–660 (2008). https://doi.org/10.1109/JSAC.2008.080507

  4. Wu, F.F., Monticelli, A.: Network observability: theory. IEEE Trans. Power Appar. Syst. PAS–104(5), 1042–1048 (1985)

  5. Pasqualetti, F., Bicchi, A., Bullo, F.: Consensus computation in unreliable networks: a system theoretic approach. IEEE Trans. Autom. Control 57(1), 90–104 (2012)

  6. Pasqualetti, F., Bicchi, A., Bullo, F.: Distributed intrusion detection for secure consensus computations. In: 46th IEEE Conference on Decision and Control, pp. 5594–5599, December 2007

  7. Sundaram, S., Hadjicostis, C.N.: Distributed function calculation via linear iterative strategies in the presence of malicious agents. IEEE Trans. Autom. Control 56(7), 1495–1508 (2011)

  8. Sardellitti, S., Giona, M., Barbarossa, S.: Fast distributed average consensus algorithms based on advection-diffusion processes. IEEE Trans. Signal Process. 58(2), 826–842 (2010)

  9. Xiao, L., Boyd, S., Lall, S.: A scheme for robust distributed sensor fusion based on average consensus. In: Proceedings of the 4th International Symposium on Information Processing in Sensor Networks. IPSN 2005. IEEE Press, Piscataway (2005). http://dl.acm.org/citation.cfm?id=1147685.1147698

  10. Lynch, N.A.: Distributed Algorithms. Morgan Kaufmann Publishers Inc., San Francisco (1996)

  11. Vicsek, T., Czirók, A., Ben-Jacob, E., Cohen, I., Shochet, O.: Novel type of phase transition in a system of self-driven particles. Phys. Rev. Lett. 75, 1226–1229 (1995). http://link.aps.org/doi/10.1103/PhysRevLett.75.1226

  12. Saber, R., Murray, R.: Consensus protocols for networks of dynamic agents. In: Proceedings of the 2003 American Control Conference, vol. 2, pp. 951–956, June 2003

  13. Fagiolini, A., Pellinacci, M., Valenti, M., Dini, G., Bicchi, A.: Consensus-based distributed intrusion detection for multi-robot systems. In: Proceedings of IEEE International Conference on Robotics and Automation, pp. 120–127 (2008)

  14. Tsitsiklis, J., Bertsekas, D., Athans, M.: Distributed asynchronous deterministic and stochastic gradient optimization algorithms. IEEE Trans. Autom. Control 31(9), 803–812 (1986)

  15. Li, S., Oikonomou, G., Tryfonas, T., Chen, T., Xu, L.: A distributed consensus algorithm for decision-making in service-oriented internet of things. Trans. Ind. Inform. 10(2), 1461–1468 (2014). http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6740862

  16. Narayanan, A., Bonneau, J., Felten, E., Miller, A., Goldfeder, S.: Bitcoin and Cryptocurrency Technologies: A Comprehensive Introduction. Princeton University Press, Princeton (2016)

  17. Xiao, L., Boyd, S., Kim, S.-J.: Distributed average consensus with least-mean-square deviation. J. Parallel Distrib. Comput. 67(1), 33–46 (2007). http://dx.doi.org/10.1016/j.jpdc.2006.08.010

  18. Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.: A detailed analysis of the KDD CUP 99 data set. In: IEEE Symposium on Computational Intelligence for Security and Defense Applications. CISDA 2009, pp. 1–6, July 2009

  19. Lippmann, R., Haines, J.W., Fried, D.J., Korba, J., Das, K.: Analysis and results of the 1999 DARPA off-line intrusion detection evaluation. In: Debar, H., Mé, L., Wu, S.F. (eds.) RAID 2000. LNCS, vol. 1907, pp. 162–182. Springer, Heidelberg (2000). doi:10.1007/3-540-39945-3_11

  20. Lippmann, R., Fried, D., Graf, I., Haines, J., Kendall, K., McClung, D., Weber, D., Webster, S., Wyschogrod, D., Cunningham, R., Zissman, M.: Evaluating intrusion detection systems: the 1998 DARPA off-line intrusion detection evaluation. In: Proceedings of DARPA Information Survivability Conference and Exposition. DISCEX 2000, vol. 2, pp. 12–26 (2000)

  21. Pasqualetti, F., Dörfler, F., Bullo, F.: Attack detection and identification in cyber-physical systems. IEEE Trans. Autom. Control 58(11), 2715–2729 (2013)

  22. Stepanova, T.V., Zegzhda, D.P.: Large-scale systems security evolution: control theory approach. In: Proceedings of the 8th International Conference on Security of Information and Networks. SIN 2015, pp. 135–141. ACM, New York (2015). http://doi.acm.org/10.1145/2799979.2799993

Acknowledgments

Funding for this project comes from the Professorship Start-Up Support Grant VGU-PSSG-02 of the Vietnamese-German University. The authors thank this institution for supporting this research.

Corresponding author

Correspondence to Michel Toulouse.

Copyright information

© 2017 Springer International Publishing AG

Cite this paper

Toulouse, M., Minh, Q.T., Nguyen, T. (2017). An Exact Consensus-Based Network Intrusion Detection System. In: Dang, T., Wagner, R., Küng, J., Thoai, N., Takizawa, M., Neuhold, E. (eds) Future Data and Security Engineering. FDSE 2017. Lecture Notes in Computer Science, vol 10646. Springer, Cham. https://doi.org/10.1007/978-3-319-70004-5_25

  • DOI: https://doi.org/10.1007/978-3-319-70004-5_25

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-70003-8

  • Online ISBN: 978-3-319-70004-5

  • eBook Packages: Computer Science (R0)
