On Blockchain Architectures for Trust-Based Collaborative Intrusion Detection
This addresses security challenges in intrusion detection systems for network administrators, but it is incremental as it builds on existing blockchain and CIDN research.
The paper tackles the problem of trust management in collaborative intrusion detection networks (CIDNs) by proposing a trust-based blockchain architecture, called trust-chain, to secure information sharing and collaboration among IDS nodes, resulting in enhanced integrity, accountability, and resilience against insider attacks.
This paper considers the use of novel technologies for mitigating attacks that aim at compromising intrusion detection systems (IDSs). Solutions based on collaborative intrusion detection networks (CIDNs) could increase the resilience against such attacks as they allow IDS nodes to gain knowledge from each other by sharing information. However, despite the vast research in this area, trust management issues still pose significant challenges and recent works investigate whether these could be addressed by relying on blockchain and related distributed ledger technologies. Towards that direction, the paper proposes the use of a trust-based blockchain in CIDNs, referred to as trust-chain, to protect the integrity of the information shared among the CIDN peers, enhance their accountability, and secure their collaboration by thwarting insider attacks. A consensus protocol is proposed for CIDNs, which is a combination of a proof-of-stake and proof-of-work protocols, to enable collaborative IDS nodes to maintain a reliable and tampered-resistant trust-chain.