Dissertations and Theses
Date of Award
2021
Document Type
Dissertation
Department
Engineering
First Advisor
Tarek Saadawi
Keywords
Blockchain, Cybersecurity, Cooperative intrusion detection system, Latency, Healthcare, Electronic Health Records, Cyberattacks, Features, Signatures
Abstract
One effective way of detecting malicious traffic in computer networks is intrusion detection systems (IDS). Despite the increased accuracy of IDSs, distributed or coordinated attacks can still go undetected because of the single vantage point of the IDSs. Due to this reason, there is a need for attack characteristics' exchange among different IDS nodes. Another reason for IDS coordination is that a zero-day attack (an attack without a known signature) experienced in organizations located in different regions is not the same. Collaborative efforts of the participating IDS nodes can stop more attack threats if IDS nodes exchange these attack characteristics among each other. Researchers proposed a cooperative intrusion detection system (CoIDS) to share these attack characteristics effectively. Although this solution enhanced IDS node’s ability to respond to attacks previously identified by cooperating IDSs, malicious activities such as fake data injection, data manipulation or deletion, data integrity, and consistency are problems threatening this approach.
In this dissertation, we develop a blockchain-based solution that ensures the integrity and consistency of attack characteristics shared in a cooperative intrusion detection system. The developed architecture achieves this result by continuously monitoring blockchain nodes' behavior to detect and prevent malicious activities from both outsider and insider threats. Apart from this, the architecture facilitates scalable attack characteristics’ exchange among IDS nodes and ensures heterogeneous IDS participation. It is also robust to public IDS nodes joining and leaving the network. The security analysis result shows that the architecture can detect and prevent malicious activities from both outsider and insider attackers, while performance analysis shows scalability with low latency.
Recommended Citation
Ajayi, Oluwaseyi J., "Blockchain-based Architecture for Secured Cyberattack Signatures and Features Distribution" (2021). CUNY Academic Works.
https://academicworks.cuny.edu/cc_etds_theses/929
Included in
Computer and Systems Architecture Commons, Other Electrical and Computer Engineering Commons