LIDF: Layered intrusion detection framework for ad-hoc networks

As ad-hoc networks have different characteristics from wired networks, the intrusion detection techniques used for wired networks are no longer sufficient or effective when adapted directly to a wireless ad-hoc network. In this article, the security challenges in intrusion detection for ad-hoc networks are first identified, and the related work on anomaly detection is discussed. We then propose a layered intrusion detection framework, which consists of collection, detection and alert modules that are handled by local agents. The collection, detection and alert modules are uniquely enabled with the main operations of ad-hoc networking, which are found at the OSI link and network layers. The proposed modules are based on interpolating polynomials and linear threshold schemes. An experimental evaluation of these modules shows their efficiency for several attack scenarios, such as route logic compromise, traffic pattern distortion and denial-of-service attacks.
