The threat of cyber-attacks is ever increasing in today’s society. There is a clear need for better and more effective defensive tools. Intrusion detection can be defined as the detection of anomalous behavior either in the host or in the network. An intrusion detection system can be used to identify the anomalous behavior of the system. The two major tasks of intrusion detection are to monitor data and raise an alert to the system administrators when an intrusion takes place. The current intrusion detection system is incapable of tackling sophisticated attacks which take place on the entire network containing large number of nodes while maintaining a low number of login attempts on each node in the system. A collaborative intrusion detection system (CIDS) was designed to remove the inefficiency of the current intrusion detection system which failed to detect coordinated distributed attacks. The main problem in the CIDS is the concept of trust. Hosts in the network need to trust the data sent by other peers in the network. To bring in the concept of trust and implement the proof-of-concept, blockchain was used. Pluggable authentication modules (PAM) were also used to track login activity securely before an intruder could modify the login activity. To implement blockchain, an Ethereum-based private blockchain was used.
Read full abstract