Effect of Intrusion Detection on Reliability of Mission-Oriented Mobile Group Systems in Mobile Ad Hoc Networks
Jin-Hee Cho, Member, IEEE, Ing-Ray Chen, Member, IEEE, and Phu-Gui Feng
IEEE TRANSACTIONS ON RELIABILITY, VOL. 59, NO. 1, MARCH 2010
Reporter: Clarence Bingsheng Wang
Clarence Bingsheng Wang – CS5214– M & E of CSs 1
Effect of IDSs on Reliability
Outline
Introduction & Background
System Model
Performance Model
Parameterization
Numerical Results & Analysis
Applicability & Conclusion
Reference
Q & A
Introduction
Analyzing the effect of intrusion detection system (IDS) techniques on the reliability of a mission-oriented group communication in mobile ad hoc networks.
Knowing design conditions for employing intrusion detection system (IDS) techniques that can enhance the reliability, and thus prolong the lifetime of GCS.
Introduction
Identify the optimal rate at which IDS should be executed to maximize the system lifetime.
Consider the effect of security threats, and Intrusion Detection Systems (IDSs) techniques on system lifetime of a mission-oriented Group Communication System (GCS) in Mobile Ad Hoc Networks (MANETs).
Background
Mobile ad hoc networks (MANETs)
Move Independently: Rapid Change in Topology
Forward Traffic
Background
Group Communication Systems
Group: “Directly Communicate”
Group Partition
Group Merge
Security Protocol in MANETs
Characteristics
Actions Against Malicious Attacks
Prevention: “Security holes”
Detection: Mission-Oriented GCSs
Recovery
Background
Optimal setting for IDS techniques
Maximize the security-induced failure time
SECURITY-INDUCED FAILURE TIME
MTTSF: Mean time to security failure
Reflects the expected system lifetime
PROLONG
System Model
Connectivity-Oriented Mobile Group
Defined based on “Connectivity”
Single Hop: All members are connected
Multi Hops: Separation between groups
[Diagram: Group Partition (Failure/Mobility); Group Merge]
System Model
Mission-Oriented GCSs
Mission execution is an application-level goal built on top of connectivity-oriented group communications
System Model
Secure Group Communications: Broadcast
Group Key
Encrypt the message for Confidentiality
Rekey: Group member Join/Leave/Eviction, Group Partition/Merge
Contributory key agreement protocol: GDH
Group Member’s Authenticity
Public/Private key pair
Challenge/Response mechanism
Assumption: The public keys of all group members are preloaded into every node.
No certificate authority (CA) in the MANET during mission period
A node’s public key serves as the identifier of the node
System Model-IDSs
Host-based IDS
Each node performs local detection to determine if a neighboring node has been compromised.
Effectiveness is measured by: false negative probability ($P_1$) and false positive probability ($P_2$)
Host-based IDS is preinstalled in each host.
$P_1 = \frac{b}{a+b}$, $P_2 = \frac{c}{c+d}$

                      Detection Situation
Actual Situation      Bad Nodes    Good Nodes
Bad Nodes             a (TP)       b (FN)
Good Nodes            c (FP)       d (TN)
System Model-IDSs
Voting-based IDS
Each node is preinstalled with host-based IDS.
Periodically, a target node would be evaluated by vote-participants dynamically selected.
If the majority of nodes decided to vote against the target node, then the target node would be evicted from the system.
Shortcomings: (a) evicting good nodes by always voting “no” to good nodes, and (b) keeping bad nodes in the system by always voting “yes” to bad nodes.
System Model-IDSs
Intrusion tolerance
Tolerate collusion of compromised nodes in MANETs as it takes a majority of bad nodes among nodes to work against the system
Characterize voting-based IDS by two parameters: false negative probability ( ), and false positive probability ( ). They are calculated based on:
(a) The per-node false negative and false positive probabilities ($P_1$ and $P_2$)
(b) The number of vote-participants, $m$
(c) The estimate of the current number of compromised nodes which may collude with the objective to disrupt the service of the system.
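The dependence on (a) to (c), worked through as an added example (not taken from the paper or the slides). It assumes the m vote-participants are drawn uniformly from `n_good` good and `n_bad` compromised candidates, that compromised participants always cast the wrong vote, and that good participants err independently with $P_1$ or $P_2$; all function and parameter names are hypothetical.

```python
from math import comb

def hypergeom(k, n_bad, n_good, m):
    """P(exactly k of the m randomly chosen participants are compromised)."""
    return comb(n_bad, k) * comb(n_good, m - k) / comb(n_bad + n_good, m)

def binom_at_least(n, p, k):
    """P(at least k successes in n independent trials with success prob p)."""
    k = max(k, 0)
    return sum(comb(n, j) * p**j * (1 - p)**(n - j) for j in range(k, n + 1))

def voting_error_rates(p1, p2, m, n_good, n_bad):
    """Return (false negative, false positive) of majority voting.

    Assumptions (labelled, not from the source):
      - participants sampled uniformly without replacement;
      - colluders always vote "no" to good targets and "yes" to bad targets;
      - a target is evicted only on a strict majority of votes against it.
    """
    majority = m // 2 + 1
    p_fn = p_fp = 0.0
    for k in range(max(0, m - n_good), min(m, n_bad) + 1):
        weight = hypergeom(k, n_bad, n_good, m)
        good = m - k  # honest participants in this draw
        # Good target: k colluders vote against it, so only
        # (majority - k) honest false alarms are needed to evict it.
        p_fp += weight * binom_at_least(good, p2, majority - k)
        # Bad target: only honest participants that detect it (1 - p1)
        # vote against; it survives when they fall short of a majority.
        p_fn += weight * (1 - binom_at_least(good, 1 - p1, majority))
    return p_fn, p_fp

if __name__ == "__main__":
    # Constructed values: 5 voters, 1% per-node error, growing collusion.
    for bad in (0, 2, 5, 8):
        fn, fp = voting_error_rates(0.01, 0.01, 5, 20 - bad, bad)
        print(f"n_bad={bad}: P_fn={fn:.5f}  P_fp={fp:.5f}")
```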
System Model-IDSs
Intrusion tolerance
For the selection of participants, each node periodically exchanges its routing information, location, and identifier with its neighboring nodes
Candidates: all neighbor nodes of a target node
A coordinator is selected randomly so that the adversaries will not have specific targets
System Model-IDSs
Intrusion tolerance
Coordinator Selection: a hashing function that takes in the identifier of a node concatenated with the current location of the node as the hash key. The node with the smallest returned hash value would then become the coordinator
The coordinator then selects nodes randomly (including itself), and broadcasts this list of selected vote-participants to all group members
System Model-IDSs
Intrusion tolerance
Any node not following the protocol raises a flag as a potentially compromised node, and may get itself evicted when it is being evaluated as a target node.
The vote-participants are known to other nodes, and based on votes received, they can determine whether or not a target node is to be evicted.
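The coordinator selection, participant selection and vote counting described above, as an added example that is not code from the paper or the slides. SHA-256, the length-prefixed encoding, the node identifiers and locations, and all function names are assumptions made for illustration.

```python
import hashlib
import random

def hash_key(node_id: str, location: str) -> str:
    # Identifier concatenated with current location; the length prefix
    # (an added detail) keeps "ab"+"c" and "a"+"bc" from colliding.
    data = f"{len(node_id)}:{node_id}{location}".encode()
    return hashlib.sha256(data).hexdigest()

def select_coordinator(neighbors: dict) -> str:
    """neighbors: node identifier -> current location, for the target's
    neighbor nodes. The smallest hash value wins."""
    return min(neighbors, key=lambda n: hash_key(n, neighbors[n]))

def select_participants(coord: str, neighbors: dict, m: int,
                        rng: random.Random) -> list:
    """Coordinator picks m vote-participants at random, itself included."""
    others = sorted(n for n in neighbors if n != coord)
    return [coord] + rng.sample(others, m - 1)

def flag_misbehaving(claimed_coord: str, neighbors: dict) -> bool:
    """Every member can recompute the hashes, so a node that falsely
    claims the coordinator role is flagged as potentially compromised."""
    return claimed_coord != select_coordinator(neighbors)

def tally(participants: list, votes: dict) -> bool:
    """Evict (True) only if a strict majority of the announced
    participants voted against the target. Votes from nodes outside
    the broadcast list are ignored."""
    against = sum(1 for p in participants if votes.get(p) is True)
    return against > len(participants) / 2

# Constructed sample data: public-key identifiers and grid locations.
NEIGHBORS = {"pkA": "10,4", "pkB": "11,5", "pkC": "9,3",
             "pkD": "12,4", "pkE": "10,6"}

def demo():
    rng = random.Random(7)  # seeded only to make the demo reproducible
    coord = select_coordinator(NEIGHBORS)
    parts = select_participants(coord, NEIGHBORS, 3, rng)
    votes = {p: True for p in parts[:2]}  # two of three vote against
    votes["pkZ"] = True                   # sender not on the list
    return coord, parts, tally(parts, votes)

if __name__ == "__main__":
    print(demo())
```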
System Model
Failure Definition
Definition 1: The failure of any group leads to GCSs’ failure. (SF1)
Definition 2: The failures of all groups lead to GCSs’ failure. (SF2)
Condition 1: a compromised but undetected group member requests and subsequently obtains data using the group key. (C1)
Condition 2: more than 1/3 of group member nodes are compromised, but undetected by IDS (Byzantine Failure model) (C2)
System Model
Network Connectivity, System Failure
Group nodes are connected within a single hop, forming a single group in the system without experiencing group merge or partition events
With only a single group in the system, SF1 and SF2 (i.e., the two system failure definitions) are the same.
Group nodes are connected through multi-hops so that there are multiple groups in the system due to group partition/merge events because of node mobility or node failure.
System Model
Reliability Metric: MTTSF
Indicates the lifetime of the GCSs before it fails.
A GCS fails when one mobile group fails, or when all mobile groups fail in the mission-oriented GCS, as defined by SF1 or SF2.
A mobile group fails when either C1 or C2 is true.
A lower MTTSF implies a faster loss of system integrity, or availability.
The goal is to maximize MTTSF.
Performance Model
Use places to deposit tokens.
Use transitions to model events.
Tracks the behavior of a single mobile group
Tracks the number of mobile groups existing in the GCSs during the system lifetime
A transition is eligible to fire when the firing conditions associated with the event are met, including (a) its input places each must contain at least one token, and (b) the associated enabling guard function, if it exists, must return true
Performance Model: SPN
[Figure: SPN model. Labels: mark(NG), mark(UCm), mark(DCm)]
Performance Model
Node compromised rate Rate(T_CP) =
Intrusion detection rate Rate(T_IDS) =
The rate at which a compromised, undetected node is detected by IDS Rate(T_IDS) =
The rate at which a node is falsely identified by IDS Rate(T_FA) =
Performance Model
Expected query rate by a member Rate(query) =
Due to C1, the rate of a security data failure when data is leaked out to a compromised but undetected member Rate(T_DRQ) =
Performance Model
Mobile group’s security failure: C1 or C2 is satisfied.
C1: The number of security failure group is greater than 0
C2: The number of compromised nodes is greater than 1/3 of the total number of nodes (Byzantine Failure model)
Performance Model
Group Merge, and Partition
Obtain group merge/partition rate through observing the number of group merge and partition events under a multi-hop MANET.
Sojourn time at state is when groups are present in the system
The number of group merge events is during
The number of group partition events is during
Merging rate:
Partition rate:
Performance Model
Calculation of MTTF
MTTA: mean time to absorption
Assigning proper rewards to the states of the system
Absorbing states: C1 or C2
Under SF1: Reward of 1 to all states except absorbing states
Under SF2: Based on the concept of a 1-out-of-n system, where n is the number of groups
Performance Model
Calculation of MTTF
where denotes the set of all states except the absorbing states, is the instantaneous probability at state .
Parameterization
Assign model parameters proper values reflecting the operational and environmental conditions of the system.
Transition rate of rekeying
Depends on the number of group members
Generating a key is linear with the number of nodes executing the key agreement protocol, GDH
Parameterization
Transition rate of rekeying Let be the time used to generate a new group key with
numbers Rate(T_RK) = , where
where is the length of an intermediate value in applying GDH.3 (bits)
, the number of current member nodes is the wireless bandwidth
Parameterization
Node compromised rate
where is the compromising rate, obtained from design knowledge, or by linear approximation from observing the number of compromised nodes over a time period based on past experiences, and is the degree of compromised nodes,
Parameterization
Intrusion detection rate
Its intensity is adjusted linearly to the cumulative number of compromised nodes that have been detected by IDS.
where is a design parameter to be adjusted to maximize MTTSF, and is the degree of nodes that have been detected by IDS, where Number of trusted member nodes in the system initially
Parameterization
Collusion
Incorrect factor
Parameterization
The effect of on MTTSF under varying in Single hop MANETs
Good nodes-> Bad nodes
False Alarm
The effect of on MTTSF under varying in multi-hop MANETs
SF1
SF2
Node Density
The effect of on MTTSF under varying in Single hop MANETs
Good nodes-> Bad nodes
Data Leak
The effect of on MTTSF under varying in multi-hop MANETs
SF1
SF2
Node Density
The effect of on MTTSF under varying in Single hop MANETs
Compromised Rate
The effect of on MTTSF under varying in multi-hop MANETs
SF1
SF2
Node Density
Applicability & Conclusion
Optimal Intrusion Detection interval T_IDS
Attacker Behavior
System Failure definitions
Operational Conditions
MATHEMATICAL MODEL
Applicability & Conclusion
Results
$m$, Node Density, $\lambda_q$, $\lambda_c$
Optimal intrusion detection interval T_IDS for maximizing the MTTSF decreases
$m$, Node Density, $\lambda_q$, $\lambda_c$
Reference
1. Jin-Hee Cho, Ing-Ray Chen, Phu-Gui Feng, “Effect of Intrusion Detection on Reliability of Mission-Oriented Mobile Group Systems in Mobile Ad Hoc Networks,” IEEE Transactions on Reliability, vol. 59, no. 1, pp. 231–241, March 2010.
2. Jin-Hee Cho, “Design and Analysis of QoS-Aware Key Management and Intrusion Detection Protocols for Secure Mobile Group Communications in Wireless Networks,” Ph.D. Dissertation, Nov. 12, 2008.
3. http://en.wikipedia.org/wiki/Challenge-response_authentication
4. http://en.wikipedia.org/wiki/Public-key_cryptography