Distributed and Cooperative Anomaly Detection Scheme for Mobile Ad Hoc Networks

Due to their unique characteristics, such as the dynamic changing topology, the absence of central management, the cooperative routing mechanisms, and the resources constraints, Mobile ad hoc networks (MANETs) are relatively vulnerable to both active and passive attacks. In MANET, routing attacks try to disrupt the functions of routing protocol by intentionally or unintentionally dropping packets or propagating faked routing messages. However, due to their computation requirements, the prevention mechanisms are not powerful enough to secure MANET. In this paper, we propose a distributed and cooperative scheme using statistical methods to detect routing attacks in MANETs. Our scheme uses both direct and indirect observations to characterize the behaviors of both neighboring and remote nodes. Simple threshold and Grubb’s Test are utilized to propose our new detection methods. The scheme includes innovative methods to compute our proposed measures, Maximum Accusation Number (MAN) and Accusation Number (AN), which are used to make decision about node’s behavior. Experimental results show that our scheme performs well in detecting anomalous events in routing functions.

[1]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[2]  B Ng Survey of Anomaly Detection Methods , 2006 .

[3]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.

[4]  Ricardo Staciarini Puttini,et al.  Security in Ad Hoc Networks: a General Intrusion Detection Architecture Enhancing Trust Based Approaches , 2002, Wireless Information Systems.

[5]  Wenke Lee,et al.  A cooperative intrusion detection system for ad hoc networks , 2003, SASN '03.

[6]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.

[7]  Qingbo Yang,et al.  A Survey of Anomaly Detection Methods in Networks , 2009, 2009 International Symposium on Computer Network and Multimedia Technology.

[8]  Yan Xiong,et al.  Routing attacks detection and reaction scheme for mobile ad hoc networks using statistical methods , 2013, 2013 22nd Wireless and Optical Communication Conference.

[9]  Tao Jiang,et al.  Intrusion detection of in-band wormholes in MANETs using advanced statistical methods , 2008, MILCOM 2008 - 2008 IEEE Military Communications Conference.

[10]  H. J. Arnold Introduction to the Practice of Statistics , 1990 .

[11]  Wenke Lee,et al.  Intrusion Detection Techniques for Mobile Wireless Networks , 2003, Wirel. Networks.

[12]  Peter Kruus,et al.  In-Band Wormholes and Countermeasures in OLSR Networks , 2006, 2006 Securecomm and Workshops.

[13]  Dongwoo Kim,et al.  Lifetime-enhancing selection of monitoring nodes for intrusion detection in mobile ad hoc networks , 2006 .

[14]  Refik Molva,et al.  Core: a collaborative reputation mechanism to enforce node cooperation in mobile ad hoc networks , 2002, Communications and Multimedia Security.