Distributed and Cooperative Hierarchical Intrusion Detection on MANETs

The wireless links between nodes, together with the dynamic network nature of ad hoc networks, increase the challenge of designing and implementing intrusion detection to detect attacks. Traditional intrusion detection techniques have had trouble dealing with dynamic environments, in particular with issues such as collecting real-time attack-related audit data and cooperative global detection. Therefore, we are motivated to design a new intrusion detection architecture which involves a new detection technique to efficiently detect abnormalities in ad hoc networks. In this paper we present the architecture and operation of an intrusion detection technique for a Mobile Ad hoc NETwork (MANET). The proposed model has a distributed and cooperative architecture. The proposed intrusion detection technique combines the flexibility of anomaly detection with the accuracy of a signature-based detection method. In particular, we exploit machine learning techniques in order to achieve efficient and effective intrusion detection. A series of simulation and experimental results demonstrate that the proposed intrusion detection can effectively detect anomalies with a low false positive rate and a high detection rate, and achieves higher detection accuracy.
