Mobile ad hoc networks (MANETs) make it possible to realize IP-based networks without a fixed infrastructure. This technology has therefore also become attractive for tactical networks, such as in command posts, vehicle convoys, autonomous robot systems, and for infantry troops. It is widely known that, due to their radio characteristics, MANETs may become subject to different kinds of attacks against their availability and against the integrity, authenticity, and confidentiality of the information that is transmitted, processed, and stored on their devices. In terms of information assurance, many protective measures covering intrusion prevention, detection, resistance, and response need to be applied to these networks in order to make them deployable even for critical missions. MITE (MANET Intrusion Detection for Tactical Environments) is a collaborative research project that aims at developing prototypical solutions for intrusion detection in MANETs, especially in tactical scenarios. Its results so far have been realized and evaluated as real-world implementations, with the emphasis on flexibility and demonstrability rather than relying exclusively on simulation results. This contribution presents a broad overview of MITE, starting with the reference scenario and attacker model, continuing with the description of several detection approaches, a robust and resource-saving sensor-detector infrastructure, and supporting components, and finishing with a discussion of evaluation results in terms of detection speed, precision, and robustness. Additionally, future directions of the research project are explained.