A Trust-Aware, P2P-Based Overlay for Intrusion Detection

Author

Duma, Claudiu ; Karresand, Martin ; Shahmehri, Nahid ; Caronni, Germano

Author_Institution

Dept. of Comput. & Inf. Sci., Linkopings Univ.

fYear

0

fDate

0-0 0

Firstpage

692

Lastpage

697

Abstract

Collaborative intrusion detection systems (IDSs) have a great potential for addressing the challenges posed by the increasing aggressiveness of current Internet attacks. However, one of the major concerns with the proposed collaborative IDSs is their vulnerability to the insider threat. Malicious intruders, infiltrating such a system, could poison the collaborative detectors with false alarms, disrupting the intrusion detection functionality and placing at risk the whole system. In this paper, we propose a P2P-based overlay for intrusion detection (overlay IDS) that addresses the insider threat by means of a trust-aware engine for correlating alerts and an adaptive scheme for managing trust. We have implemented our system using JXTA framework and we have evaluated its effectiveness for preventing the spread of a real Internet worm over an emulated network. The evaluation results show that our overlay IDS significantly increases the overall survival rate of the network

Keywords

Internet; peer-to-peer computing; security of data; Internet attacks; Internet worm; JXTA framework; collaborative intrusion detection systems; overlay IDS; trust management; trust-aware P2P-based overlay; trust-aware engine; Collaboration; Computer worms; Face detection; IP networks; Information science; Internet; Intrusion detection; Laboratories; Protection; Search engines;

fLanguage

English

Publisher

ieee

Conference_Titel

Database and Expert Systems Applications, 2006. DEXA '06. 17th International Workshop on

Conference_Location

Krakow

ISSN

1529-4188

Print_ISBN

0-7695-2641-1

Type

conf

DOI

10.1109/DEXA.2006.21

Filename

1698432