Dirichlet-Based Trust Management for Effective Collaborative Intrusion Detection Networks

Author

Fung, Carol J. ; Zhang, Jie ; Aib, Issam ; Boutaba, Raouf

Author_Institution

Dept. of Comput. Sci., Univ. of Waterloo, Waterloo, ON, Canada

Volume

8

Issue

2

fYear

2011

fDate

6/1/2011 12:00:00 AM

Firstpage

79

Lastpage

91

Abstract

The accuracy of detecting intrusions within a Collaborative Intrusion Detection Network (CIDN) depends on the efficiency of collaboration between peer Intrusion Detection Systems (IDSes) as well as the security itself of the CIDN. In this paper, we propose Dirichlet-based trust management to measure the level of trust among IDSes according to their mutual experience. An acquaintance management algorithm is also proposed to allow each IDS to manage its acquaintances according to their trustworthiness. Our approach achieves strong scalability properties and is robust against common insider threats, resulting in an effective CIDN. We evaluate our approach based on a simulated CIDN, demonstrating its improved robustness, efficiency and scalability for collaborative intrusion detection in comparison with other existing models.

Keywords

computer network security; groupware; peer-to-peer computing; CIDN; Dirichlet-based trust management; acquaintance management algorithm; collaborative intrusion detection networks; peer intrusion detection systems; Collaboration; Equations; Intrusion detection; Mathematical model; Peer to peer computing; Robustness; Scalability; Collaborative intrusion detection system; admission control; computer security; security management; trust management;

fLanguage

English

Journal_Title

Network and Service Management, IEEE Transactions on

Publisher

ieee

ISSN

1932-4537

Type

jour

DOI

10.1109/TNSM.2011.050311.100028

Filename

5871350