Collaborative Intrusion Detection Networks and Insider Attacks

  • Fung C
  • Readers: 43 (Mendeley users who have this article in their library)
  • Citations: 25 (citations of this article)

Abstract

Cyber intrusion is becoming an increasingly global and urgent problem. Intrusion Detection Systems (IDSs) are deployed to identify intrusions and mitigate their damage. A standalone IDS does not have complete information or knowledge to detect intrusions. A Collaborative Intrusion Detection Network (CIDN) consists of a set of cooperating IDSs which use collective knowledge and experience to achieve improved intrusion detection accuracy. However, insider attackers may severely degrade the efficiency of CIDNs. This paper provides a survey of some CIDNs and analyzes their robustness against insider attacks. We first classify network intrusions, IDSs, and insider attacks for CIDNs according to their behaviors and the techniques they use. A taxonomy of CIDNs is then provided with an analysis based on criteria of topology, scope, specialization, data privacy awareness, and their vulnerabilities to insider attacks. Some of the open challenges and future directions in cooperative CIDNs are discussed in the last section.

Find this document

  • PUI: 370076398
  • ISSN: 20935382
  • SGR: 80455152191
  • SCOPUS: 2-s2.0-80455152191

Authors

  • Carol Fung
