Collaboration-Based Intrusion Detection on a Permissioned Blockchain in the Internet of Things Using Machine Learning
Subject areas: Specialized
Mohammad Mahdi Abdian 1, Majid Ghayoori Sales 2, Seyed Ahmad Eftekhari 3
1 - M.Sc. in Secure Computing, Department of Computer Engineering, Imam Hossein Comprehensive University
2 - Assistant Professor, Department of Computer Engineering, Imam Hossein Comprehensive University
3 - B.Sc. in Computer Software Engineering, Islamic Azad University, Central Tehran Branch, Tehran, Iran
Keywords: intrusion detection, blockchain, Internet of Things, machine learning, machine-learning-based intrusion detection
Abstract:
In intrusion detection systems, it is important to increase the rate of correct detections, reduce training and detection time, reduce the processing load, and properly maintain the detection model and the resulting logs so that they cannot be tampered with or deleted by unauthorized persons. Therefore, in this research we seek to address these problems by drawing on the advantages of blockchain and its persistence, together with an IDS architecture based on the cooperation of multiple nodes. The model is based on the decision tree algorithm and operates as the intrusion detection engine in the nodes of the architecture. The architecture consists of several connected nodes on a blockchain platform; the model and the generated logs are stored on the blockchain and therefore cannot easily be tampered with or deleted. Alongside the benefits of using blockchain, the questions of the amount of memory occupied and the speed and time of transactions performed by the blockchain also arise. In this research, evaluation models are presented for the single-node and multi-node architectures on the blockchain platform. Finally, the proof of the architecture, the possible threats to the architecture, and the ways of defending against them are described. The most important advantages of the scheme are eliminating the single point of failure, maintaining trust between nodes, and ensuring the integrity of the model and the discovered logs.
Intrusion detection systems seek to realize several objectives, such as increasing the true detection rate, reducing the detection time, reducing the computational load, and preserving the resulting logs in such a way that they cannot be manipulated or deleted by unauthorized people. Therefore, this study seeks to solve these challenges by benefiting from the advantages of blockchain technology and its durability, and by relying on an IDS architecture based on multi-node cooperation. The proposed model is an intrusion detection engine based on the decision tree algorithm implemented in the nodes of the architecture. The architecture consists of several connected nodes on the blockchain platform. The resulting model and logs are stored on the blockchain platform and cannot be manipulated. In addition to the benefits of using blockchain, reduced occupied memory, the speed, and time of transactions are also improved by blockchain. In this research, several evaluation models have been designed for single-node and multi-node architectures on the blockchain platform. Finally, the proof of the architecture, possible threats to the architecture, and ways of defending against them are explained. The most important advantages of the proposed scheme are the elimination of the single point of failure, maintaining trust between nodes, and ensuring the integrity of the model and the discovered logs.