Towards Effective Trust-Based Packet Filtering in Collaborative Network Environments

Meng, Weizhi; Li, Wenjuan; Kwok, Lam For

doi:10.1109/tnsm.2017.2664893

Cited by 45 publications

(32 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In challenge-based CIDNs, the trustworthiness of a node is mainly determined by challenges, whereas it may still leave a chance for attackers. To further increase the robustness of CIDNs, additional measures can be used to calculate the trust values of a node, like packet-level trust [26]. -Scalability.…”

Section: Discussionmentioning

confidence: 99%

“…They also studied how to apply intrusion sensitivity for aggregating alarms and defending against pollution attacks, in which a group of malicious peers collaborate together by providing false alarm rankings [15]. Some other related work regarding how to enhance the performance of IDSs can be referred to [4,5,10,[19][20][21][22][23][24][25][26][27][28][29]…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Evaluating the Impact of Intrusion Sensitivity on Securing Collaborative Intrusion Detection Networks Against SOOA

Madsen

Meng

et al. 2018

Algorithms and Architectures for Parallel Processing

Self Cite

View full text Add to dashboard Cite

Cyber attacks are greatly expanding in both size and complexity. To handle this issue, research has been focused on collaborative intrusion detection networks (CIDNs), which can improve the detection accuracy of a single IDS by allowing various nodes to communicate with each other. While such collaborative system or network is vulnerable to insider attacks, which can significantly reduce the advantages of a detector. To protect CIDNs against insider attacks, one potential way is to enhance the trust evaluation among IDS nodes, i.e., by emphasizing the impact of expert nodes. In this work, we adopt the notion of intrusion sensitivity that assigns different values of detection capability relating to particular attacks, and evaluate its impact on defending against a special On-Off attack (SOOA). In the evaluation, we investigate the impact of intrusion sensitivity in a simulated CIDN environment, and experimental results demonstrate that the use of intrusion sensitivity can help enhance the security of CIDNs under adversarial scenarios, like SOOA.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Evaluating the Impact of Intrusion Sensitivity on Securing Collaborative Intrusion Detection Networks Against SOOA

Madsen

Meng

et al. 2018

Algorithms and Architectures for Parallel Processing

Self Cite

View full text Add to dashboard Cite

show abstract

“…The IDSaaS was developed to monitor and log suspicious network behaviors between virtual machines and within a Virtual Private Cloud (VPC). Several research papers regarding cloud security and IDSs can refer to other works …”

Section: Related Workmentioning

confidence: 99%

“…Then, Vieira et al 45 [49][50][51][52][53][54][55][56] It is easily visible that the cloud environment can offer great and sufficient computing resources to an IDS, while an IDS can provide indispensable protection to safeguard the cloud environment. In this work, we focus on improving the performance of an IDS by means of cloud computing in the particular fields of adaptive false alarm reduction.…”

Section: Cloud-based Intrusion Detectionmentioning

confidence: 99%

Adaptive machine learning‐based alarm reduction via edge computing for distributed intrusion detection systems

Wang

Meng

et al. 2019

Concurrency and Computation

Self Cite

View full text Add to dashboard Cite

Summary To protect assets and resources from being hacked, intrusion detection systems are widely implemented in organizations around the world. However, false alarms are one challenging issue for such systems, which would significantly degrade the effectiveness of detection and greatly increase the burden of analysis. To solve this problem, building an intelligent false alarm filter using machine learning classifiers is considered as one promising solution, where an appropriate algorithm can be selected in an adaptive way in order to maintain the filtration accuracy. By means of cloud computing, the task of adaptive algorithm selection can be offloaded to the cloud, whereas it could cause communication delay and increase additional burden. In this work, motivated by the advent of edge computing, we propose a framework to improve the intelligent false alarm reduction for DIDS based on edge computing devices. Our framework can provide energy efficiency as the data can be processed at the edge for shorter response time. The evaluation results demonstrate that our framework can help reduce the workload for the central server and the delay as compared to the similar studies.

show abstract

“…Figure 9 shows the scheme of management of firewall. Depending on the type of managed computer connection, the administrator will be able to access the WEB-Interface management or the toolkit interface [26]- [27]. The access level through the team interface is high.…”

Section: Registration Of Packetsmentioning

confidence: 99%

Methods for Applying of Scheme of Packet Filtering Rules

Bakhodir*¹,

Nurbek²,

Odil³

2019

IJITEE

View full text Add to dashboard Cite

This article is devoted to research methods for applying of scheme of packet filtering rules. The scheme of the Firewall is developed on corporate network to allow protect the network system from information security threat. Use of Firewall in different mode of protection in the corporate networks is given which is accessed to segment information resources under the administrator's rules. Filtering packets rule is worked out according to the state of the virtual connection that the process moving of packets is determined by flags and sequence numbers of head IP addresses. The system logging log is designed to record a message about events that involve firewall operating system management activities and events that are fraught with an intersection-related event log. Consequently, the offered rules of packet filtering protected the network traffic from unwanted action. Furthermore, the rules of packet filtering is formed, allowing to observe and management access to resource users on the Web content.

show abstract

Towards Effective Trust-Based Packet Filtering in Collaborative Network Environments

Cited by 45 publications

References 33 publications

Evaluating the Impact of Intrusion Sensitivity on Securing Collaborative Intrusion Detection Networks Against SOOA

Evaluating the Impact of Intrusion Sensitivity on Securing Collaborative Intrusion Detection Networks Against SOOA

Adaptive machine learning‐based alarm reduction via edge computing for distributed intrusion detection systems

Methods for Applying of Scheme of Packet Filtering Rules

Contact Info

Product

Resources

About