SeDID: An SGX-enabled decentralized intrusion detection framework for network trust evaluation
Access rights
openAccess
acceptedVersion
A1 Original article in a scientific journal
This publication is imported from Aalto University research portal.
View publication in the Research portal (opens in new window)
View/Open full text file from the Research portal (opens in new window)
Other link related to publication (opens in new window)
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.
Language
en
Pages
15
Series
Information Fusion, Volume 70, pp. 100-114
Abstract
Different intrusion detection methods have been proposed to evaluate network trust. However, it is difficult for a single detection node to collect massive data and perform detection and evaluation in a large-scale network. In addition, disclosure of security-related data and detection patterns might weaken data provision incentives due to privacy concerns, which could result in data being deliberately forged to evade detection. Current literature still lacks a general framework for conducting decentralized intrusion detection towards network trust evaluation with privacy preservation. In this paper, we propose SeDID, a Software Guard Extension (SGX)-enabled decentralized intrusion detection framework for network trust evaluation based on blockchain. We design a novel consensus mechanism to avoid forking and guarantee high efficiency and real decentralization, where block creation is uniquely consented by miners and block creation difficulty is determined by the number of blocks previously created by a relative miner within a time window. The smaller the number, the easier it is for the miner to create a new block. SeDID also offers incentives according to node contributions to motivate security-related data collection, intrusion detection and network trust evaluation. The additional use of Intel SGX allows SeDID to preserve both data and pattern privacy. We analyze SeDID's efficacy in terms of incentive, privacy preservation and security. Its performance is further evaluated through simulations. In specific settings, its block creation time, task completion time and throughput are 19.61 s, 44.55 s and 224.47 transactions/s, respectively. Compared with state-of-the-art systems, SeDID offers better performance, which implies its potential to be applied in practice.
Citation
Liu, G, Yan, Z, Feng, W, Jing, X, Chen, Y & Atiquzzaman, M 2021, 'SeDID: An SGX-enabled decentralized intrusion detection framework for network trust evaluation', Information Fusion, vol. 70, pp. 100-114. https://doi.org/10.1016/j.inffus.2021.01.003