A dynamic intrusion detection hierarchy for MANETs

MANETs lack natural concentration points at which a single dedicated node can monitor all network traffic for intrusions. Consequently, detecting attacks on MANETs requires distributed, cooperative intrusion detection techniques. We examine an approach to organizing a cooperative intrusion detection system for MANETs as a dynamic hierarchy that adapts to changes in topology and other environmental factors. We describe the rationale for this approach, the design of a set of hierarchy services to support it, and our experience developing prototype intrusion detection components that utilize these services.
