Effect of Intrusion Detection on Reliability of Mission-Oriented Mobile Group Systems in Mobile Ad Hoc Networks

For mission-oriented mobile group systems designed to continue mission execution in hostile environments in the presence of security attacks, it is critical to properly deploy intrusion detection techniques to cope with insider attacks to enhance the system reliability. In this paper, we analyze the effect of intrusion detection system (IDS) techniques on the reliability of a mission-oriented group communication system consisting of mobile groups set out for mission execution in mobile ad hoc networks. Unlike the common belief that IDS should be executed as often as possible to cope with insider attacks to prolong the system lifetime, we discover that IDS should be executed at an optimal rate to maximize the mean time to failure of the system. Further, the optimal rate at which IDS is executed depends on the operational conditions, system failure definitions, attacker behaviors, and IDS techniques used. We develop mathematical models based on Stochastic Petri nets to identify the optimal rate for IDS execution to maximize the mean time to failure of the system, when given a set of parameter values characterizing the operational conditions, and attacker behaviors.

[1]  Lang Tong,et al.  Energy efficiency of large-scale wireless networks: proactive versus reactive networking , 2005, IEEE Journal on Selected Areas in Communications.

[2]  Philip K. McKinley,et al.  Energy Optimization under Informed Mobility , 2006, IEEE Transactions on Parallel and Distributed Systems.

[3]  Myung J. Lee,et al.  A lightweight encryption and authentication scheme for wireless sensor networks , 2006, Int. J. Secur. Networks.

[4]  Zongpeng Li,et al.  Probabilistic Power Management for Wireless Ad Hoc Networks , 2005, Mob. Networks Appl..

[5]  Andrea Bianco,et al.  Maximizing system lifetime in wireless sensor networks , 2007, Eur. J. Oper. Res..

[6]  A. Patcha,et al.  A game theoretic approach to modeling intrusion detection in mobile ad hoc networks , 2004, Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004..

[7]  William H. Sanders,et al.  Model-based validation of an intrusion-tolerant information system , 2004, Proceedings of the 23rd IEEE International Symposium on Reliable Distributed Systems, 2004..

[8]  William H. Sanders,et al.  Model-based evaluation: from dependability to security , 2004, IEEE Transactions on Dependable and Secure Computing.

[9]  Yong Ma,et al.  System lifetime optimization for heterogeneous sensor networks with a hub-spoke technology , 2004, IEEE Transactions on Mobile Computing.

[10]  Gene Tsudik,et al.  Diffie-Hellman key distribution extended to group communication , 1996, CCS '96.

[11]  Kishor S. Trivedi,et al.  Characterizing intrusion tolerant systems using a state transition model , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[12]  Bharat B. Madan,et al.  A method for modeling and quantifying the security attributes of intrusion tolerant systems , 2004, Perform. Evaluation.

[13]  Xiaozhou Li,et al.  Batch rekeying for secure group communications , 2001, WWW '01.

[14]  Amitabha Das,et al.  The Utility of Partial Knowledge in Behavior Models: An Evaluation for Intrusion Detection , 2005, Int. J. Netw. Secur..

[15]  Mingyan Liu,et al.  Analysis of energy consumption and lifetime of heterogeneous wireless sensor networks , 2002, Global Telecommunications Conference, 2002. GLOBECOM '02. IEEE.

[16]  Felix C. Freiling,et al.  Byzantine Failures and Security: Arbitrary is not (always) Random , 2003, GI Jahrestagung.

[17]  Adrian Perrig,et al.  Secure broadcast communication in wired and wireless networks , 2002 .

[18]  Wenke Lee,et al.  Intrusion Detection Techniques for Mobile Wireless Networks , 2003, Wirel. Networks.

[19]  Nizar Bouabdallah,et al.  Node density control for maximizing wireless sensor network lifetime , 2008, Int. J. Netw. Manag..

[20]  Kishor S. Trivedi,et al.  Security analysis of SITAR intrusion tolerance system , 2003, SSRS '03.

[21]  Tomas Olovsson,et al.  A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior , 1997, IEEE Trans. Software Eng..

[22]  Jung-Min Park,et al.  A Game Theoretic Formulation for Intrusion Detection in Mobile Ad Hoc Networks , 2006, Int. J. Netw. Secur..

[23]  Kishor S. Trivedi,et al.  Performance and Reliability Analysis of Computer Systems , 1996, Springer US.

[24]  Bharat B. Madan,et al.  Modeling and quantification of security attributes of software systems , 2002, Proceedings International Conference on Dependable Systems and Networks.

[25]  Qing Zhao,et al.  On the lifetime of wireless sensor networks , 2005, IEEE Communications Letters.

[26]  Donald F. Towsley,et al.  Comparison of inter-area rekeying algorithms for secure wireless group communications , 2002, Perform. Evaluation.

[27]  Marc Dacier,et al.  Quantitative Assessment of Operational Security: Models and Tools * , 1996 .

[28]  Adrian Perrig,et al.  On the distribution and revocation of cryptographic keys in sensor networks , 2005, IEEE Transactions on Dependable and Secure Computing.

[29]  Kishor S. Trivedi,et al.  Spnp Users Manual Version 4.0 , 1994 .

[30]  Robin Kravets,et al.  TITAN: on-demand topology management in ad hoc networks , 2005, MOCO.

[31]  Francisco Barceló,et al.  Energy and delay-constrained routing in mobile ad hoc networks: an initial approach , 2005, PE-WASUN '05.

[32]  A T Karygiannis,et al.  Wireless Network Security: 802.11, Bluetooth and Handheld Devices , 2002 .