BeeID: intrusion detection in AODV-based MANETs using artificial Bee colony and negative selection algorithms

Mobile ad hoc networks (MANETs) are multi-hop wireless networks of mobile nodes constructed dynamically without the use of any fixed network infrastructure. Due to inherent characteristics of these networks, malicious nodes can easily disrupt the routing process. A traditional approach to detect such malicious network activities is to build a profile of the normal network traffic, and then identify an activity as suspicious if it deviates from this profile. As the topology of a MANET constantly changes over time, the simple use of a static profile is not efficient. In this paper, we present a dynamic hybrid approach based on the artificial bee colony (ABC) and negative selection (NS) algorithms, called Bee ID, for intrusion detection in AODV-based MANETs. The approach consists of three phases: training, detection, and updating. In the training phase, a niching artificial bee colony algorithm, called Niche NABC, runs a negative selection algorithm multiple times to generate a set of mature negative detectors to cover the nonself space. In the detection phase, mature negative detectors are used to discriminate between normal and malicious network activities. In the updating phase, the set of mature negative detectors is updated by one of two methods of partial updating or total updating. We use the Monte Carlo integration to estimate the amount of the nonself space covered by negative detectors and to determine when the total updating should be done. We demonstrate the effectiveness of BeeID for detecting several types of routing attacks on AODV-based MANETs simulated using the NS2 simulator. The experimental results show that BeeID can achieve a better tradeoff between detection rate and false-alarm rate as compared to other dynamic approaches previously reported in the literature.

[1]  Claudia Eckert,et al.  On the Use of Hyperspheres in Artificial Immune Systems as Antibody Recognition Regions , 2006, ICARIS.

[2]  Elizabeth M. Belding-Royer,et al.  A secure routing protocol for ad hoc networks , 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings..

[3]  Alan S. Perelson,et al.  Self-nonself discrimination in a computer , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[4]  Panagiotis Papadimitratos,et al.  Secure Routing for Mobile Ad Hoc Networks , 2002 .

[5]  Fabio A. González,et al.  An immunity-based technique to characterize intrusions in computer networks , 2002, IEEE Trans. Evol. Comput..

[6]  Mahdi Abadi,et al.  A dynamic clustering-based approach for anomaly detection in AODV-based MANETs , 2011, 2011 International Symposium on Computer Networks and Distributed Systems (CNDS).

[7]  Nei Kato,et al.  A Dynamic Anomaly Detection Scheme for AODV-Based Mobile Ad Hoc Networks , 2009, IEEE Transactions on Vehicular Technology.

[8]  Bin Xu,et al.  Hybrid Detector Based Negative Selection Algorithm , 2009, 2009 5th International Conference on Wireless Communications, Networking and Mobile Computing.

[9]  H. Dai,et al.  Applying both positive and negative selection to supervised learning for anomaly detection , 2005, GECCO '05.

[10]  Dervis Karaboga,et al.  AN IDEA BASED ON HONEY BEE SWARM FOR NUMERICAL OPTIMIZATION , 2005 .

[11]  Zhou Ji,et al.  Negative selection algorithms: from the thymus to v-detector , 2006 .

[12]  Mihaela Cardei,et al.  A Survey of Attacks and Countermeasures in Mobile Ad Hoc Networks , 2007 .

[13]  Charles E. Perkins,et al.  Ad hoc On-Demand Distance Vector (AODV) Routing , 2001, RFC.

[14]  Dipankar Dasgupta,et al.  Immunological Computation: Theory and Applications , 2008 .

[15]  Jeng-Shyang Pan,et al.  Enhanced Artificial Bee Colony Optimization , 2022 .

[16]  Dervis Karaboga,et al.  Fuzzy clustering with artificial bee colony algorithm , 2010 .

[17]  Sunil Taneja,et al.  A Survey of Routing Protocols in Mobile Ad Hoc Networks , 2010 .

[18]  Pramod Kumar Soni,et al.  A Survey of Mobile Ad Hoc Network Attacks , 2013 .

[19]  Liang Xi,et al.  Evolving boundary detector for anomaly detection , 2011, Expert Syst. Appl..

[20]  D. Karaboga,et al.  On the performance of artificial bee colony (ABC) algorithm , 2008, Appl. Soft Comput..

[21]  Imrich Chlamtac,et al.  Mobile ad hoc networking: imperatives and challenges , 2003, Ad Hoc Networks.

[22]  David B. Johnson,et al.  The Dynamic Source Routing Protocol for Mobile Ad Hoc Networks , 2003 .

[23]  Jean-Yves Le Boudec,et al.  An artificial immune system approach with secondary response for misbehavior detection in mobile ad hoc networks , 2005, IEEE Transactions on Neural Networks.

[24]  Fabio A. González,et al.  A Randomized Real-Valued Negative Selection Algorithm , 2003, ICARIS.

[25]  Pascal Bouvry,et al.  Immune anomaly detection enhanced with evolutionary paradigms , 2006, GECCO.

[26]  D. Wong,et al.  Negative Selection Algorithm for Aircraft Fault Detection , 2004, ICARIS.

[27]  Xia Wang,et al.  An End-to-end Detection of Wormhole Attack in Wireless Ad-hoc Networks , 2007, 31st Annual International Computer Software and Applications Conference (COMPSAC 2007).

[28]  Zhou Ji,et al.  Real-Valued Negative Selection Algorithm with Variable-Sized Detectors , 2004, GECCO.