Abstract
The accuracy of detecting an intrusion within a network of intrusion detection systems (IDSes) depends on the efficiency of collaboration between member IDSes. The security itself within this network is an additional concern that needs to be addressed. In this paper, we present a trust-based framework for secure and effective collaboration within an intrusion detection network (IDN). In particular, we define a trust model that allows each IDS to evaluate the trustworthiness of others based on personal experience. We prove the correctness of our approach in protecting the IDN. Additionally, experimental results demonstrate that our system yields a significant improvement in detecting intrusions. The trust model further improves the robustness of the collaborative system against malicious attacks.
Copyright information
© 2008 IFIP International Federation for Information Processing
About this paper
Cite this paper
Fung, C.J., Baysal, O., Zhang, J., Aib, I., Boutaba, R. (2008). Trust Management for Host-Based Collaborative Intrusion Detection. In: De Turck, F., Kellerer, W., Kormentzas, G. (eds) Managing Large-Scale Service Deployment. DSOM 2008. Lecture Notes in Computer Science, vol 5273. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-87353-2_9
DOI: https://doi.org/10.1007/978-3-540-87353-2_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-85999-4
Online ISBN: 978-3-540-87353-2
eBook Packages: Computer Science (R0)