Incremental Database Based on Distributed Ledger Technology for IDSs

GLOBECOM 2020 - 2020 IEEE Global Communications Conference Pub Date : 2020-12-01 DOI:10.1109/GLOBECOM42002.2020.9322308

Junwei Liang, M. Ma

{"title":"Incremental Database Based on Distributed Ledger Technology for IDSs","authors":"Junwei Liang, M. Ma","doi":"10.1109/GLOBECOM42002.2020.9322308","DOIUrl":null,"url":null,"abstract":"Intrusion Detection Systems (IDS) is an important technology for cyber security, as it can mitigate both inner and outer threats in networks. However, a critical problem in IDSs is that the detection capacity is gradually decaying with the emergence of unknown attacks. To constantly retrain IDSs with a more extensive database is critical to make IDSs adaptive with the ever-changing network environment, but the security institutes usually lack the motivation to persistently update and maintain the database for public. Thus, in this paper, a blockchain-based database (bc-DB) is proposed, which is multilaterally maintained by the security institutes and universities using Data Coins (DCoins) as the incentives. In addition, a Lifetime Learning IDS (LL-IDS) is further designed as the supplement of the bc-DB for common IDS users. After being retrained by the latest bc-DB, the LL-IDS can detect the newly discovered attacks while uploading the suspect network packets to the database. Simulation experiments show that the proposed LL-IDS with the bc-DB are secure and effectiveness in attacks detection.","PeriodicalId":12759,"journal":{"name":"GLOBECOM 2020 - 2020 IEEE Global Communications Conference","volume":"102 1","pages":"1-6"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"GLOBECOM 2020 - 2020 IEEE Global Communications Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/GLOBECOM42002.2020.9322308","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

Intrusion Detection Systems (IDS) is an important technology for cyber security, as it can mitigate both inner and outer threats in networks. However, a critical problem in IDSs is that the detection capacity is gradually decaying with the emergence of unknown attacks. To constantly retrain IDSs with a more extensive database is critical to make IDSs adaptive with the ever-changing network environment, but the security institutes usually lack the motivation to persistently update and maintain the database for public. Thus, in this paper, a blockchain-based database (bc-DB) is proposed, which is multilaterally maintained by the security institutes and universities using Data Coins (DCoins) as the incentives. In addition, a Lifetime Learning IDS (LL-IDS) is further designed as the supplement of the bc-DB for common IDS users. After being retrained by the latest bc-DB, the LL-IDS can detect the newly discovered attacks while uploading the suspect network packets to the database. Simulation experiments show that the proposed LL-IDS with the bc-DB are secure and effectiveness in attacks detection.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于分布式账本技术的ids增量数据库

入侵检测系统(IDS)是一项重要的网络安全技术，因为它可以缓解网络中的内部和外部威胁。然而，入侵防御系统的一个关键问题是，随着未知攻击的出现，检测能力逐渐衰减。为了使ids适应不断变化的网络环境，不断地用更广泛的数据库对ids进行再培训是至关重要的，但安全机构通常缺乏持续更新和维护公共数据库的动力。因此，本文提出了一个基于区块链的数据库(bc-DB)，该数据库由安全机构和大学以数据币(DCoins)作为激励机制进行多边维护。此外，针对普通IDS用户，进一步设计了终身学习IDS (LL-IDS)，作为bc-DB的补充。经过最新的bc-DB重新训练后，LL-IDS可以检测到新发现的攻击，同时将可疑的网络报文上传到数据库。仿真实验表明，基于bc-DB的LL-IDS具有安全、有效的攻击检测功能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

GLOBECOM 2020 - 2020 IEEE Global Communications Conference

自引率

0.00%

发文量