Int J Performability Eng ›› 2019, Vol. 15 ›› Issue (12): 3187-3195.

### A New Network Intrusion Detection System based on Blockchain

Jinhua Fua,b, Mixue Xua, Yongzhong Huanga, and Hongwei Taob,*

1. aState Key Laboratory of Mathematical Engineering and Advanced Computing, Information Engineering University, Zhengzhou, 450001, China;
bSchool of Computer and Communication Engineering, Zhengzhou University of Light Industry, Zhengzhou, 450002, China
• Submitted on  ;  Revised on  ; Accepted on
• Contact: * E-mail address: tthhww_811@163.com

Abstract: With the increasing application of computers and networks, several network security problems have emerged, and thus network intrusion detection systems have become the focus of network security research. In order to achieve the purpose of intrusion detection and protection, the traditional network intrusion detection system extracts features from the data of the network data stream according to the feature recognition algorithm and compares the extracted features with those in the training set to recognize the behavior. However, if a user wants to effectively detect malicious behaviors in the network, a large feature library is needed, and it cannot be shared with other users, which makes the quality of single user detection lower than the highest detection quality of the whole network. Blockchain, which is a new network system of decentralization, de-trust, tamper-proof, anti-counterfeiting, and traceability, plays an important role in the transmission and sharing of high-value data. In this paper, a new network intrusion detection system is designed based on blockchain, which can enable users to share feature libraries over the whole network by means of P2P network transmission. Meanwhile, its network structure and consensus algorithm are presented, and its security and performance are analyzed. Analysis results show that this system has lower false negative rates.