Due to the rapid growth of computer networks, intrusions have become more complicated and devastating. As an important solution, collaborative intrusion detection networks or systems (CIDNs or CIDSs) are considered and adopted by many organizations to identify cyberattacks. Insider attack is one major threat to such defensive mechanisms. In the literature, challenge-based trust management scheme can help safeguard CIDNs against insider attacks. However, previous studies identified that challenge-based CIDNs may still suffer from advanced insider attacks, like passive message fingerprint attack (PMFA). Motivated by the recent blockchain research, in this work, we propose a blockchain-based approach to help enhance the robustness of challenge-based CIDNs against advanced insider attacks like PMFA, through integrating a type of blockchain-based trust. In the evaluation, we examine our approach in both simulated and real network environments. The results demonstrate that our approach is effective in defeating advanced insider attacks like PMFA and enhancing the robustness of challenge-based CIDNs, as compared with the original scheme.

中文翻译：

---

使用区块链增强基于挑战的协作入侵检测网络抵御内部攻击

由于计算机网络的迅速发展，入侵变得更加复杂和破坏性。作为一种重要的解决方案，协作式入侵检测网络或系统（CIDN或CIDS）已被许多组织考虑并采用来识别网络攻击。内部攻击是对这种防御机制的主要威胁。在文献中，基于挑战的信任管理方案可以帮助保护CIDN免受内部攻击。但是，先前的研究表明，基于挑战的CIDN可能仍会遭受高级内部人员攻击，例如被动消息指纹攻击（PMFA）。在最近的区块链研究的推动下，在这项工作中，我们提出了一种基于区块链的方法，通过集成一种基于区块链的信任，可帮助增强基于挑战的CIDN抵御高级内部人员攻击（如PMFA）的鲁棒性。在评估中，我们检查了在模拟和真实网络环境中的方法。结果表明，与原始方案相比，我们的方法在克服高级内部人攻击（例如PMFA）和增强基于挑战的CIDN的鲁棒性方面是有效的。