{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,20]],"date-time":"2025-08-20T12:33:02Z","timestamp":1755693182018,"version":"3.40.3"},"publisher-location":"Cham","reference-count":19,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031240485"},{"type":"electronic","value":"9783031240492"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2023,1,19]],"date-time":"2023-01-19T00:00:00Z","timestamp":1674086400000},"content-version":"vor","delay-in-days":383,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Collaborative intrusion detection approach uses the shared detection signature between the collaborative participants to facilitate coordinated defense. In the context of collaborative intrusion detection system (CIDS), however, there is no research focusing on the efficiency of the shared detection signature. The inefficient detection signature costs not only the IDS resource but also the process of the peer-to-peer (P2P) network. In this paper, we therefore propose a blockchain-based retribution mechanism, which aims to incentivize the participants to contribute to verifying the efficiency of the detection signature in terms of certain distributed consensus. We implement a prototype using Ethereum blockchain, which instantiates a token-based retribution mechanism and a smart contract-enabled voting-based distributed consensus. We conduct a number of experiments built on the prototype, and the experimental results demonstrate the effectiveness of the proposed approach.<\/jats:p>","DOI":"10.1007\/978-3-031-24049-2_4","type":"book-chapter","created":{"date-parts":[[2023,1,18]],"date-time":"2023-01-18T16:02:56Z","timestamp":1674057776000},"page":"57-73","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["A Blockchain-Based Retribution Mechanism for\u00a0Collaborative Intrusion Detection"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-7363-9695","authenticated-orcid":false,"given":"Wenjun","family":"Fan","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4624-3799","authenticated-orcid":false,"given":"Shubham","family":"Kumar","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5736-5823","authenticated-orcid":false,"given":"Sang-Yoon","family":"Chang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0651-2384","authenticated-orcid":false,"given":"Younghee","family":"Park","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,1,19]]},"reference":[{"key":"4_CR1","unstructured":"Anderson, H.: Introduction to NESSUS. Retrieved from Symantec (2003)"},{"key":"4_CR2","unstructured":"Benet, J.: IPFS-content addressed, versioned, P2P file system (DRAFT 3). arXiv preprint arXiv:1407.3561 (2014)"},{"key":"4_CR3","unstructured":"Bolzoni, D., Crispo, B., Etalle, S.: ATLANTIDES: an architecture for alert verification in network intrusion detection systems. In: LISA, vol. 7, pp. 1\u201312 (2007)"},{"issue":"6","key":"4_CR4","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1109\/MSP.2006.159","volume":"4","author":"DJ Chaboya","year":"2006","unstructured":"Chaboya, D.J., Raines, R.A., Baldwin, R.O., Mullins, B.E.: Network intrusion detection: automated and manual methods prone to attack and evasion. IEEE Secur. Priv. 4(6), 36\u201343 (2006)","journal-title":"IEEE Secur. Priv."},{"key":"4_CR5","doi-asserted-by":"publisher","first-page":"710","DOI":"10.1016\/j.future.2019.06.026","volume":"102","author":"DW Chadwick","year":"2020","unstructured":"Chadwick, D.W., et al.: A cloud-edge based data security architecture for sharing and analysing cyber threat information. Futur. Gener. Comput. Syst. 102, 710\u2013722 (2020)","journal-title":"Futur. Gener. Comput. Syst."},{"key":"4_CR6","doi-asserted-by":"crossref","unstructured":"Fan, W., Park, Y., Kumar, S., Ganta, P., Zhou, X., Chang, S.Y.: Blockchain-enabled collaborative intrusion detection in software defined networks. In: 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 967\u2013974 (2020)","DOI":"10.1109\/TrustCom50675.2020.00129"},{"key":"4_CR7","doi-asserted-by":"crossref","unstructured":"Fan, W., et al.: Enabling privacy-preserving sharing of cyber threat information in the cloud. In: 2019 6th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)\/ 2019 5th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom), pp. 74\u201380 (2019)","DOI":"10.1109\/CSCloud\/EdgeCom.2019.00-15"},{"key":"4_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"666","DOI":"10.1007\/978-3-319-91458-9_41","volume-title":"Database Systems for Advanced Applications","author":"F Gai","year":"2018","unstructured":"Gai, F., Wang, B., Deng, W., Peng, W.: Proof of reputation: a reputation-based consensus protocol for peer-to-peer network. In: Pei, J., Manolopoulos, Y., Sadiq, S., Li, J. (eds.) DASFAA 2018. LNCS, vol. 10828, pp. 666\u2013681. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-91458-9_41"},{"key":"4_CR9","doi-asserted-by":"crossref","unstructured":"Gilad, Y., Hemo, R., Micali, S., Vlachos, G., Zeldovich, N.: Algorand: scaling byzantine agreements for cryptocurrencies. In: Proceedings of the 26th Symposium on Operating Systems Principles, pp. 51\u201368 (2017)","DOI":"10.1145\/3132747.3132757"},{"key":"4_CR10","unstructured":"Zhou, J., Carlson, A.J., Bishop, M.: Verify results of network intrusion alerts using lightweight protocol analysis. In: 21st Annual Computer Security Applications Conference (ACSAC 2005), pp. 10\u2013126 (2005)"},{"key":"4_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"122","DOI":"10.1007\/978-3-030-29729-9_7","volume-title":"Applied Cryptography and Network Security Workshops","author":"W Li","year":"2019","unstructured":"Li, W., Wang, Yu., Li, J., Au, M.H.: Towards blockchained challenge-based collaborative intrusion detection. In: Zhou, J., et al. (eds.) ACNS 2019. LNCS, vol. 11605, pp. 122\u2013139. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-29729-9_7"},{"key":"4_CR12","doi-asserted-by":"crossref","unstructured":"Matsumoto, S., Reischuk, R.M.: IKP: turning a PKI around with decentralized automated incentives. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 410\u2013426 (2017)","DOI":"10.1109\/SP.2017.57"},{"key":"4_CR13","doi-asserted-by":"crossref","unstructured":"Putra, G.D., Dedeoglu, V., Pathak, A., Kanhere, S.S., Jurdak, R.: Decentralised trustworthy collaborative intrusion detection system for IoT. In: 2021 IEEE International Conference on Blockchain (Blockchain), pp. 306\u2013313 (2021)","DOI":"10.1109\/Blockchain53845.2021.00048"},{"key":"4_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"183","DOI":"10.1007\/978-3-319-94478-4_13","volume-title":"Blockchain \u2013 ICBC 2018","author":"D Qin","year":"2018","unstructured":"Qin, D., Wang, C., Jiang, Y.: RPchain: a blockchain-based academic social networking service for credible reputation building. In: Chen, S., Wang, H., Zhang, L.-J. (eds.) ICBC 2018. LNCS, vol. 10974, pp. 183\u2013198. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-94478-4_13"},{"issue":"18","key":"4_CR15","doi-asserted-by":"publisher","first-page":"4863","DOI":"10.1002\/sec.1661","volume":"9","author":"B Subba","year":"2016","unstructured":"Subba, B., Biswas, S., Karmakar, S.: False alarm reduction in signature-based IDS: game theory approach. Secur. Commun. Netw. 9(18), 4863\u20134881 (2016)","journal-title":"Secur. Commun. Netw."},{"key":"4_CR16","doi-asserted-by":"crossref","unstructured":"Tug, S., Meng, W., Wang, Y.: CBSigIDS: towards collaborative blockchained signature-based intrusion detection. In: 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pp. 1228\u20131235 (2018)","DOI":"10.1109\/Cybermatics_2018.2018.00217"},{"issue":"4","key":"4_CR17","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2716260","volume":"47","author":"E Vasilomanolakis","year":"2015","unstructured":"Vasilomanolakis, E., Karuppayah, S., M\u00fchlh\u00e4user, M., Fischer, M.: Taxonomy and survey of collaborative intrusion detection. ACM Comput. Surv. 47(4), 1\u201333 (2015)","journal-title":"ACM Comput. Surv."},{"issue":"1","key":"4_CR18","doi-asserted-by":"publisher","first-page":"124","DOI":"10.1016\/j.cose.2009.06.008","volume":"29","author":"CV Zhou","year":"2010","unstructured":"Zhou, C.V., Leckie, C., Karunasekera, S.: A survey of coordinated attacks and collaborative intrusion detection. Comput. Secur. 29(1), 124\u2013140 (2010)","journal-title":"Comput. Secur."},{"key":"4_CR19","doi-asserted-by":"crossref","unstructured":"Zhuang, Q., Liu, Y., Chen, L., Ai, Z.: Proof of reputation: a reputation-based consensus protocol for blockchain based systems. In: Proceedings of the 2019 International Electronics Communication Conference, pp. 131\u2013138 (2019)","DOI":"10.1145\/3343147.3343169"}],"container-title":["Communications in Computer and Information Science","Silicon Valley Cybersecurity Conference"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-24049-2_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,18]],"date-time":"2023-01-18T16:03:25Z","timestamp":1674057805000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-24049-2_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031240485","9783031240492"],"references-count":19,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-24049-2_4","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"19 January 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SVCC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Silicon Valley Cybersecurity Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 August 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 August 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"svcc2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/svcc2022.svcsi.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"10","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"8","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"80% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}