A model of data forwarding in MANETs for lightweight detection of malicious packet dropping

This work introduces a model of data forwarding in MANETs which is used for recognizing malicious packet dropping behaviors. First, different legitimate packet discard situations are modeled, such as those generated by collisions, channel errors or mobility related droppings. Second, we propose an anomaly-based IDS system based on an enhanced windowing method to carry out the collection and analysis of selected cross-layer features. Third, a real deployment of the IDS is also considered by suggesting a methodology for the collection of the selected features in a distributed manner. We evaluate our proposal in a simulation framework and the experimental results show a considerable enhancement in detection results when compared with other approaches in the literature. For instance, our scheme shows a 22% improvement in terms of true positives rate and a remarkable 83% improvement in terms of false positives rate when compared to previous well-known statistical solutions. Finally, it is notable the simplicity and lightweightness of the proposal.

[1]  Abderrahmane Baadache,et al.  Struggling against simple and cooperative black hole attacks in multi-hop wireless ad hoc networks , 2014, Comput. Networks.

[2]  Gabriel Maciá-Fernández,et al.  Taxonomy and Holistic Detection of Security Attacks in MANETs , 2014 .

[3]  V. Sankaranarayanan,et al.  Prevention of Co-operative Black Hole Attack in MANET , 2008, J. Networks.

[4]  Prashant Krishnamurthy,et al.  Detecting Malicious Packet Dropping in the Presence of Collisions and Channel Errors in Wireless Ad Hoc Networks , 2009, 2009 IEEE International Conference on Communications.

[5]  Wenke Lee,et al.  Attack Analysis and Detection for Ad Hoc Routing Protocols , 2004, RAID.

[6]  Bu-Sung Lee,et al.  CRADS: Integrated Cross Layer Approach for Detecting Routing Attacks in MANETs , 2008, 2008 IEEE Wireless Communications and Networking Conference.

[7]  Djamel Djenouri,et al.  On eliminating packet droppers in MANET: A modular solution , 2009, Ad Hoc Networks.

[8]  Djamel Djenouri,et al.  Random Feedbacks for Selfish Nodes Detection in Mobile Ad Hoc Networks , 2005, IPOM.

[9]  Soufiene Djahel,et al.  An Acknowledgment-Based Scheme to Defend Against Cooperative Black Hole Attacks in Optimized Link State Routing Protocol , 2008, 2008 IEEE International Conference on Communications.

[10]  Pramod K. Varshney,et al.  An Acknowledgment-Based Approach for the Detection of Routing Misbehavior in MANETs , 2007, IEEE Transactions on Mobile Computing.

[11]  Nei Kato,et al.  Detecting Blackhole Attack on AODV-based Mobile Ad Hoc Networks by Dynamic Learning Method , 2007, Int. J. Netw. Secur..

[12]  Jesús E. Díaz-Verdejo,et al.  Defenses against Packet-Dropping Attacks in Wireless Multihop Ad Hoc Networks , 2014 .

[13]  Azzedine Boukerche,et al.  Routing protocols in ad hoc networks: A survey , 2011, Comput. Networks.

[14]  Pramod K. Varshney,et al.  TWOACK: preventing selfishness in mobile ad hoc networks , 2005, IEEE Wireless Communications and Networking Conference, 2005.

[15]  Michael P. Howarth,et al.  Protection of MANETs from a range of attacks using an intrusion detection and prevention system , 2013, Telecommun. Syst..

[16]  Gabriel Maciá-Fernández,et al.  An Efficient Cross-Layer Approach for Malicious Packet Dropping Detection in MANETs , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[17]  Michael P. Howarth,et al.  Adaptive intrusion detection & prevention of denial of service attacks in MANETs , 2009, IWCMC.

[18]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.

[19]  Theodore S. Rappaport,et al.  Wireless communications - principles and practice , 1996 .

[20]  Bu-Sung Lee,et al.  Cross-Layer Detection of Sinking Behavior in Wireless Ad Hoc Networks Using SVM and FDA , 2011, IEEE Transactions on Dependable and Secure Computing.

[21]  Sajal K. Das,et al.  Cooperative black and gray hole attacks in mobile ad hoc networks , 2008, ICUIMC '08.

[22]  A. Kannan,et al.  Multi-Layer Integrated Anomaly Intrusion Detection System for Mobile Adhoc Networks , 2007, 2007 International Conference on Signal Processing, Communications and Networking.

[23]  Ravishankar K. Iyer,et al.  Inner-Circle Consistency for Wireless Ad Hoc Networks , 2007, IEEE Transactions on Mobile Computing.

[24]  Philip S. Yu,et al.  Cross-feature analysis for detecting ad-hoc routing anomalies , 2003, 23rd International Conference on Distributed Computing Systems, 2003. Proceedings..

[25]  Sarmistha Neogy,et al.  Trust based energy efficient detection and avoidance of black hole attack to ensure secure routing in MANET , 2014, 2014 Applications and Innovations in Mobile Computing (AIMoC).

[26]  Luís E. T. Rodrigues,et al.  Friends and foes: preventing selfishness in open mobile ad hoc networks , 2003, 23rd International Conference on Distributed Computing Systems Workshops, 2003. Proceedings..

[27]  David de Andrés,et al.  A survey of evaluation platforms for ad hoc routing protocols: A resilience perspective , 2014, Comput. Networks.

[28]  Chai Kiat Yeo,et al.  A Novel Architecture of Intrusion Detection System , 2010, 2010 7th IEEE Consumer Communications and Networking Conference.

[29]  P. Krishnamurthy,et al.  Markov modeling of 802.11 channels , 2003, 2003 IEEE 58th Vehicular Technology Conference. VTC 2003-Fall (IEEE Cat. No.03CH37484).

[30]  Calvin Ko,et al.  Challenges in intrusion detection for wireless ad-hoc networks , 2003, 2003 Symposium on Applications and the Internet Workshops, 2003. Proceedings..

[31]  Abderrahmane Baadache,et al.  Fighting against packet dropping misbehavior in multi-hop wireless ad hoc networks , 2012, J. Netw. Comput. Appl..

[32]  R.M. Buehrer,et al.  Wireless communications: past events and a future perspective , 2002, IEEE Communications Magazine.

[33]  Yi Pan,et al.  Wireless Ad Hoc and Sensor Networks: Management, Performance, and Applications , 2013 .

[34]  Wenke Lee,et al.  Intrusion Detection Techniques for Mobile Wireless Networks , 2003, Wirel. Networks.

[35]  Juan-Carlos Cano,et al.  A Collaborative Bayesian Watchdog for Detecting Black Holes in MANETs , 2012, IDC.

[36]  Soufiene Djahel,et al.  Mitigating Packet Dropping Problem in Mobile Ad Hoc Networks: Proposals and Challenges , 2011, IEEE Communications Surveys & Tutorials.

[37]  David A. Maltz,et al.  Dynamic Source Routing in Ad Hoc Wireless Networks , 1994, Mobidata.

[38]  D. Djenouri,et al.  New approach for selfish nodes detection in mobile ad hoc networks , 2005, Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005..

[39]  Charles E. Perkins,et al.  Ad hoc On-Demand Distance Vector (AODV) Routing , 2001, RFC.

[40]  Michael P. Howarth,et al.  An intrusion detection & adaptive response mechanism for MANETs , 2014, Ad Hoc Networks.

[41]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.