Multi-cloud cooperative intrusion detection system: trust and fairness assurance

The sophistication of the recent cloud computing systems has made them more vulnerable to intelligent cyber attacks. Moreover, it is becoming very difficult for a single intrusion detection system (IDS) to detect all existing attacks, due to limited knowledge about such attacks’ patterns and implications. Recent works in cloud security have shown that cooperation among cloud-based IDSs can enhance their accuracy. However, there are two main challenges associated with the existing cooperative IDSs, which are related to trust and fairness assurance. To tackle these challenges, we propose in this paper a cooperative cloud-based IDS framework that (1) enables IDSs to distributively form trustworthy IDSs communities by advancing a trust-based hedonic coalitional game, which allows IDSs to increase their individual detection accuracy in the presence of untrusted IDSs and (2) formulates a fairness assurance mechanism as a Stackelberg game between the well-behaving IDSs and the selfish ones that frequently send consultation requests to other IDSs, and at the same do not answer other IDSs’ consultation requests. Experimental results show the effectiveness of the proposed approach in terms of enhancing the accuracy of detection and achieving the fairness among IDSs in terms of benefits obtained through cooperation.