Hybrid intrusion detection system using blockchain framework

Data security and confidentiality are major goals now days due to the extensive use of the internet for data sharing. In modern era, most of the networks are compromised by intruders to grab access to private, confidential, and highly secured data. An intrusion detection system (IDS) is widely used to secure the network from getting compromised by intruders. Most of the IDS share the signatures of the novel attacks detected by anomaly approach for improving the detection rate and processing time. Security of signature shared by nodes is becoming a considerable problem. This paper presents a novel framework blockchain based hybrid intrusion detection system (BC-HyIDS), which uses the blockchain framework for exchanging signatures from one node to the other in distributed IDS. BC-HyIDS works in three phases where it uses both detection methods and blockchain in the third phase to provide security to data transferred through the network. This system makes use of a cryptosystem to encrypt the data stored in blocks to improve security one level higher. Hyperledger fabric v2.0 and Hyperledger sawtooth is used to implement system. Blockchain framework is created as a prototype using distributed ledger technology which helps in securing signature exchange. Performance of BC-HyIDS is evaluated in terms of accuracy, detection rate, and false alarm rate. From results, it is observed that a 2.8% increase in accuracy, 4.3% increase in detection rate, and a reduction of 2.6% in FAR is achieved. Blockchain performance is evaluated using Hyperledger fabric v2.0 and Hyperledger sawtooth on throughput, processing time, and average latency. BC-HyIDS shows improved performance when used with blockchain.