Collaborative Intrusion Detection Networks and Insider Attacks
Cyber intrusion is becoming an increasingly global and urgent problem. Intrusion Detection Systems (IDSs) are deployed to identify intrusions and mitigate their damage. A stand alone IDS does not have complete information or knowledge to detect intrusions. A Collaborative Intrusion Detection Network (CIDN) consists in a set of cooperating IDSs which use collective knowledge and experience to achieve improved intrusion detection accuracy. However, insider attackers may severely degrade the efficiency of CIDNs. This paper provides a survey of some CIDNs and analyzes their robustness against insider attacks. The authors first classify network intrusions, IDSs, and insider attacks for CIDNs according to their behaviors and the techniques they use.