Researchers from Zayed University analyzed the security vulnerabilities and strengths of blockchain techniques in the context of collaborative systems for detecting intrusions into data stores. While blockchain techniques can prove highly valuable in this respect, they pose some security challenges that need to be addressed to ensure system safety.
Cyber-criminals are constantly targeting connected systems with attacks of ever-increasing complexity. While cybersecurity experts are always trying to defend connected systems, there is still the need for Intrusion Detection Systems (IDS) to detect malicious attacks. However, as the sophistication level of cyber-attacks increases, it becomes clear that a single IDS simply can’t provide a robust defense.
The solution to that dilemma is utilizing collaborative intrusion detection systems (CIDS), which share information with several different IDS nodes, to achieve better performance. However, organizations are often reluctant to share the data in their possession with other IDS, which naturally makes collaborative efforts less effective.
Fortunately, there is a new peer-to-peer sharing technique that eliminates the need for trust between different entities. This is the famed blockchain technology, and systems that rely on it are practically impervious to any unauthorized change to the system. A blockchain-based system has no central authority that oversees the information being exchanged between members in the network. Therefore, a blockchain-based system may be ideal for implementing collaborative intrusion detection system protocols, making them much safer to use.
Blockchain-based systems have been adopted by many organizations for multiple applications and processes, including cryptocurrency, healthcare, education and governmental services. There is no reason, therefore, not to use similar systems for defending networks. But how should this be done?
A research team from Zayed University, led by Prof. Kadhim Hayawi, has recently conducted an analysis of hypothetical blockchain-based systems for collaborative IDS. The researchers began by analyzing the existing intrusion detection methodologies in light of the new blockchain techniques. They then highlighted the weaknesses of the existing approaches, and showed how blockchain techniques can help mitigate those vulnerabilities. Finally, they uncovered several categories of vulnerability points in blockchain-based systems.
Their main insight was that while blockchain-based systems have the potential to block many malicious attacks, they still have some critical vulnerabilities. These include the infamous 51% attack, in which attackers take control over more than 50% of the entities involved in the computations behind the system, and thus are able to manipulate the data in it to suit their needs.
Parallel and complementary security challenges include identity theft and system hacking. Identity theft attacks can allow cyber-criminals to pose as some of the entities that contribute to the security of the blockchain-based system, while system hacking can allow cyber-criminals to essentially control the way those entities are conducting their business in the blockchain-based system. Together, these cyberattack techniques mean that cyber-criminals may circumvent even the renowned security of blockchain-based systems.
Finally, users' control over their data may be compromised simply by the loss, or theft, of one's private key. Therefore, it is vital that blockchain-based systems put a premium on protecting users' keys and the external platforms that store such keys. There are suggestions to use hardware security modules that generate, protect and manage keys with utmost safety.
In summary, blockchain-based technologies can allow collaborative intrusion detection systems to truly shine. As CIDS vastly increase the chance of detecting today's sophisticated cyber-attacks, this development is critical for the field of cybersecurity, which has important consequences for the Internet of Things, smart cities, autonomous cars and many other systems that rely on data sharing.
Original content by Nawartna