SNACK: An efficient intrusion detection system in Mobile Ad-Hoc Network based on the Selective-Negative Acknowledgement algorithm

The Mobile Ad-Hoc Network (MANET) consists of independent devices connected together, which can change their locations and configure themselves without being controlled by a central unit. This autonomous topology of MANET makes it vulnerable against the internal attacks, such as black hole, wormhole, and flooding, from inside the system. One existing solution to this problem has been achieved by using Negative Acknowledgement (NACK) as an Intrusion Detection System (IDS). NACK method is easy to implement and has a high level of packet delivery with lightweight security monitoring. However, although packet delivery is guaranteed in NACK, its high rate of routing overhead and high level of energy consumption become as two big weaknesses of the network, especially when it comes to increasing the mobility and the number of insider attacks. In this study the performance of NACK in this regard has been challenged and investigated in different scenarios. Then a new approach, called Selective Negative Acknowledgement (SNACK), based on NACK and Selective Acknowledgement (SACK) is proposed. It is shown that the proposed acknowledgement method outperforms NACK with much less packet overhead, by comparing the results of simulations in Network Simulator v-2.35 (NS-2).

[1]  Shaveta Jain,et al.  A Survey on Multicast Routing Protocols for Mobile Ad Hoc Networks , 2014 .

[2]  Sushil Jajodia,et al.  An interleaved hop-by-hop authentication scheme for filtering of injected false data in sensor networks , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[3]  A. Roach,et al.  A Negative Acknowledgement Mechanism for Signaling Compression Status of This Memo , 2022 .

[4]  Lajos Hanzo,et al.  Admission control schemes for 802.11-based multi-hop mobile ad hoc networks: a survey , 2009, IEEE Communications Surveys & Tutorials.

[5]  Xinyu Yang,et al.  A Novel En-route Filtering Scheme against False Data Injection Attacks in Cyber-Physical Networked Systems , 2012, 2012 IEEE 32nd International Conference on Distributed Computing Systems.

[6]  Zhuang Yi,et al.  A Load Balancing Algorithm with Key Resource Relevance for Virtual Cluster , 2013 .

[7]  Yunghsiang Sam Han,et al.  A pairwise key pre-distribution scheme for wireless sensor networks , 2003, CCS '03.

[8]  Xue Liu,et al.  A survey of multicast routing protocols for mobile Ad-Hoc networks , 2009, IEEE Communications Surveys & Tutorials.

[9]  Haiyun Luo,et al.  Statistical en-route filtering of injected false data in sensor networks , 2004, IEEE INFOCOM 2004.

[10]  Pramod K. Varshney,et al.  TWOACK: preventing selfishness in mobile ad hoc networks , 2005, IEEE Wireless Communications and Networking Conference, 2005.

[11]  Adam B. Roach A Negative Acknowledgement Mechanism for Signaling Compression , 2005, RFC.

[12]  Sally Floyd,et al.  RFC 2018: TCP Selective Acknowledgment Options , 1996 .

[13]  Xinyu Yang,et al.  A Novel En-Route Filtering Scheme Against False Data Injection Attacks in Cyber-Physical Networked Systems , 2012, IEEE Transactions on Computers.

[14]  Sally Floyd,et al.  Simulation-based comparisons of Tahoe, Reno and SACK TCP , 1996, CCRV.

[15]  Miguel A. Labrador,et al.  Performance of TCP over wireless networks with the Snoop protocol , 2002, 27th Annual IEEE Conference on Local Computer Networks, 2002. Proceedings. LCN 2002..

[16]  Miguel A. Labrador,et al.  Performance Analysis of TCP over Static Ad Hoc Wireless Networks , 2002 .

[17]  M. Wahengbam,et al.  Intrusion Detection in MANET using fuzzy logic , 2012, 2012 3rd National Conference on Emerging Trends and Applications in Computer Science.

[18]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[19]  Hung-Min Sun,et al.  A novel acknowledgment-based approach against collude attacks in MANET , 2012, Expert Syst. Appl..

[20]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[21]  Sally Floyd,et al.  An Extension to the Selective Acknowledgement (SACK) Option for TCP , 2000, RFC.

[22]  Sally Floyd,et al.  TCP Selective Acknowledgement Options , 1996 .

[23]  Jingsha He,et al.  Authentication and En-route Data Filtering for Wireless Sensor Networks in the Internet of Things Scenario , 2013 .