IDS modelling and evaluation in WANETs against black/grey-hole attacks using stochastic models

The aim of this paper is to model and evaluate the performance of intrusion detection systems (IDSs) facing black-hole and grey-hole attacks within wireless ad hoc networks (WANETs). The main performance metric of an IDS in a WANET can be defined as the mean time required for the IDS to detect an attack. To evaluate this measure, two types of stochastic models are used in this paper. In the first step, two different continuous time Markov chains (CTMCs) are proposed to model the attacks, and then, the method of computing the mean time to attack detection is presented. Since the number of states in the proposed CTMCs grows rapidly with increasing the number of intermediate nodes and the attacks which should be done by a single node to trigger the IDS to detect an attack, stochastic reward nets (SRNs) are exploited to automatically generate the proposed CTMCs in second step.

[1]  A.F. Farhan,et al.  Mobile agent intrusion detection system for Mobile Ad Hoc Networks: A non-overlapping zone approach , 2008, 2008 4th IEEE/IFIP International Conference on Central Asia on Internet.

[2]  Mooi Choo Chuah,et al.  Syntax vs. semantics: competing approaches to dynamic network intrusion detection , 2008, Int. J. Secur. Networks.

[3]  Jin-Hee Cho,et al.  Effect of Intrusion Detection on Failure Time of Mission-Oriented Mobile Group Systems in Mobile Ad Hoc Networks , 2008, 2008 14th IEEE Pacific Rim International Symposium on Dependable Computing.

[4]  Sushil K. Sharma,et al.  Handbook of Research on Information Security and Assurance , 2008 .

[5]  Victor C. M. Leung,et al.  FADE: Forwarding Assessment Based Detection of Collaborative Grey Hole Attacks in WMNs , 2013, IEEE Transactions on Wireless Communications.

[6]  Kishor S. Trivedi,et al.  A stochastic reward net model for performance analysis of prioritized DQDB MAN , 1999, Comput. Commun..

[7]  J.-P. Hubaux,et al.  Impact of Denial of Service Attacks on Ad Hoc Networks , 2008, IEEE/ACM Transactions on Networking.

[8]  Shiyong Zhang,et al.  Distributed Intrusion Detection for Mobile Ad Hoc Networks , 2005 .

[9]  Gulshan Kumar,et al.  Evaluation Metrics for Intrusion Detection Systems - A Study , 2014 .

[10]  Yasushi Wakahara,et al.  Proposal of a method to detect black hole attack in MANET , 2009, 2009 International Symposium on Autonomous Decentralized Systems.

[11]  Boudewijn R. Haverkort,et al.  Markovian Models for Performance and Dependability Evaluation , 2002, European Educational Forum: School on Formal Methods and Performance Analysis.

[12]  Kishor S. Trivedi,et al.  Dependability and Performability Analysis , 1993, Performance/SIGMETRICS Tutorials.

[13]  Jie Wu,et al.  A Survey on Intrusion Detection in Mobile Ad Hoc Networks , 2007 .

[14]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.

[15]  Ali Khalili,et al.  Performance Evaluation of Sensor Medium Access Control Protocol Using Coloured Petri Nets , 2009, Electron. Notes Theor. Comput. Sci..

[16]  Aikaterini Mitrokotsa,et al.  Intrusion Detection with Neural Networks and Watermarking Techniques for MANET , 2007, IEEE International Conference on Pervasive Services.

[17]  João Paulo Magalhães,et al.  Anomaly Detection Techniques for Web-Based Applications: An Experimental Study , 2012, 2012 IEEE 11th International Symposium on Network Computing and Applications.

[18]  Peter Xiaoping Liu,et al.  Distributed Combined Authentication and Intrusion Detection With Data Fusion in High-Security Mobile Ad Hoc Networks , 2010, IEEE Transactions on Vehicular Technology.

[19]  Qiang Zhou,et al.  Petri-Net-Based Modeling and Resolving of Black Hole Attack in WMN , 2012, 2012 IEEE 36th Annual Computer Software and Applications Conference Workshops.

[20]  Klara Nahrstedt,et al.  SMOCK: A Scalable Method of Cryptographic Key Management for Mission-Critical Wireless Ad-Hoc Networks , 2009, IEEE Transactions on Information Forensics and Security.

[21]  Kang G. Shin,et al.  Application-Layer Intrusion Detection in MANETs , 2010, 2010 43rd Hawaii International Conference on System Sciences.

[22]  Yuguang Fang,et al.  On the Price of Security in Large-Scale Wireless Ad Hoc Networks , 2011, IEEE/ACM Transactions on Networking.

[23]  Guy Pujolle,et al.  A Security Management Architecture for Supporting Routing Services on WANETs , 2012, IEEE Transactions on Network and Service Management.

[24]  Mehdi Medadian,et al.  Combat with Black hole attack in AODV routing protocol in MANET , 2009, 2009 First Asian Himalayas International Conference on Internet.

[25]  Peter Xiaoping Liu,et al.  Structural Results for Combined Continuous User Authentication and Intrusion Detection in High Security Mobile Ad-Hoc Networks , 2011, IEEE Transactions on Wireless Communications.

[26]  Cannady,et al.  New Methods of Intrusion Detection Using Control-Loop Measurement , 1996 .

[27]  William H. Sanders,et al.  Dependability Analysis with Markov Chains: How Symmetries Improve Symbolic Computations , 2007 .

[28]  Chen Wei,et al.  A Novel Gray Hole Attack Detection Scheme for Mobile Ad-Hoc Networks , 2007, 2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC 2007).

[29]  Jaydip Sen,et al.  A mechanism for detection of gray hole attack in mobile Ad Hoc networks , 2007, 2007 6th International Conference on Information, Communications & Signal Processing.

[30]  Soufiene Djahel,et al.  Mitigating Packet Dropping Problem in Mobile Ad Hoc Networks: Proposals and Challenges , 2011, IEEE Communications Surveys & Tutorials.

[31]  Jin-Hee Cho,et al.  Performance analysis of distributed intrusion detection protocols for mobile group communication systems , 2009, 2009 IEEE International Symposium on Parallel & Distributed Processing.

[32]  S. Dharmaraja,et al.  Performance analysis of IEEE 802.11 DCF with stochastic reward nets , 2007, Int. J. Commun. Syst..

[33]  Kishor S. Trivedi,et al.  A Decomposition Approach for Stochastic Reward Net Models , 1993, Perform. Evaluation.

[34]  Kishor S. Trivedi,et al.  Composite Performance and Availability Analysis Using a Hierarchy of Stochastic Reward Nets , 1991 .

[35]  Gunter Bolch,et al.  Queueing Networks and Markov Chains - Modeling and Performance Evaluation with Computer Science Applications, Second Edition , 1998 .