Modeling and analysis of intrusion detection integrated with batch rekeying for dynamic group communication systems in mobile ad hoc networks

We investigate performance characteristics of secure group communication systems (GCSs) in mobile ad hoc networks that employ intrusion detection techniques for dealing with insider attacks, tightly coupled with rekeying techniques for dealing with outsider attacks. The objective is to identify optimal settings, including the best intrusion detection interval and the best batch rekey interval, under which the system lifetime (mean time to security failure) is maximized while satisfying performance requirements. We develop a mathematical model based on stochastic Petri nets to analyze tradeoffs between security and performance properties, given a set of parameter values characterizing the operational and environmental conditions of a GCS instrumented with intrusion detection tightly coupled with batch rekeying. We compare our design with a baseline system that uses intrusion detection integrated with individual rekeying to demonstrate its effectiveness.
