Self healing intrusion detection in networks using blockchain

Abstract

Host based Intrusion Detection Systems rely on a database to indentify threats to the computer system. The intrusion detection process in a protected system depends entirely on the integrity of this database and is therefore a preferred target of attackers. Existing techniques to secure this database either lack flexibility or the desired level of protection. Hence, there is a need to explore new techniques to protect the database in a better way. In this research thesis, we have explored the blockchain technology to secure the IDS database by storing the system checksum on blockchain immutable ledger. Secure updates for operating system are also proposed to be tackled through the blockchain distributed consensus. Since blockchain is a very new technology, therefore this research is a first attempt to secure IDS database integrity in a distributed manner. The research work explores various IDS types and techniques along with existing blockchain projects related to scalability, storage and malware detection. In our proposed IDS design, we identified some integrity related threats and expect that the proposed system will be secure against such attacks through use of blockchain technology.