Abstract
Collaborative intrusion detection systems / networks (CIDSs/CIDNs) have been widely used, aiming to enhance the performance of a single intrusion detection system (IDS), by allowing an IDS node communicating and collecting information from others. To protect such collaborative systems against insider attacks, trust management mechanisms are often deployed to evaluate the trustworthiness of a node. In particular, challenge-based mechanism attempts to identify malicious nodes by measuring the deviation between challenges and responses. However, it is found that such mechanisms may be vulnerable to advanced insider attacks like Passive Message Fingerprint Attacks (PMFA), where malicious nodes can distinguish challenges by analyzing the sending strategy. In this paper, we further analyze the effectiveness of PMFA and investigate whether an improved sending strategy can help detect malicious nodes. Our study reveals that PMFA could still be valid under even an improved sending strategy, i.e., malicious nodes can hold its reputation level by understanding the network context. We then provide some insights on how to defeat such kind of attack by properly adjusting such mechanism.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
