A Context Adaptive Intrusion Detection System for MANET

Due to the ad hoc and mobile nature of a MANET, it is much more vulnerable to attacks than a wired network. As a result, there has been a significant research focusing on designing an Intrusion Detection System (IDS) for MANETs to detect anomalous behavior and misuse. However, each mobile node in a MANET typically has limited energy and thus it is not efficient to perform IDS functions within a node to detect every incoming packet. There is a need for an IDS to implement an intelligent control mechanism in order to monitor and recognize security breach attempts efficiently over a period of the expected network lifetime. By leveraging the Network Node Intrusion Detection (NNID) strategy, we developed a context adaptive IDS controller that advises an IDS to carry out intrusion detection while being prepared for a possible ''cut through'' if it is likely that the residual energy is not sufficient. By being embedded with the context adaptive IDS controller, the proposed Context Adaptive Intrusion Detection System (CAIDS) is able to adapt to the current node context (such as residual energy, security threats and traffic loading) for accommodating and inspecting new arriving packets. The performance is evaluated using a reward function that discovers an effective way to perform intrusion detection and delivers security benefits while meeting the energy budget. The numerical results show that CAIDS offers a good trade-off between lifetime performance and security. This study demonstrates empirically that the CAIDS model intelligently monitors and recognizes security breach attempts while adhering to the resource budget plan over the period of expected network lifetime.

[1]  Charles E. Perkins,et al.  Ad Hoc Networking , 2001 .

[2]  Sajal K. Das,et al.  Preventing DoS attack in sensor networks: a game theoretic approach , 2005, IEEE International Conference on Communications, 2005. ICC 2005. 2005.

[3]  Charlie Obimbo,et al.  A Watchdog Enhancement to IDS in MANET , 2006, Wireless and Optical Communications.

[4]  Farouk Kamoun,et al.  Hierarchical Routing for Large Networks; Performance Evaluation and Optimization , 1977, Comput. Networks.

[5]  Sanjoy K. Baruah,et al.  LSTF: A new scheduling policy for complex real-time tasks in multiple processor systems , 1997, Autom..

[6]  Bo-Chao Cheng,et al.  A Good IDS Response Protocol of MANET Containment Strategies , 2008, IEICE Trans. Commun..

[7]  Wenke Lee,et al.  A cooperative intrusion detection system for ad hoc networks , 2003, SASN '03.

[8]  Peter Mell,et al.  Mobile Agent Attack Resistant Distributed Hierarchical Intrusion Detection Systems , 1999, Recent Advances in Intrusion Detection.

[9]  Charles E. Perkins,et al.  Ad hoc networking: an introduction , 2001 .

[10]  A. Patcha,et al.  A game theoretic approach to modeling intrusion detection in mobile ad hoc networks , 2004, Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004..

[11]  Jing Wang,et al.  An Efficient Method for Optimal Probe Deployment of Distributed IDS , 2005, IEICE Trans. Inf. Syst..

[12]  Rituparna Chaki,et al.  IDSX: A Cluster Based Collaborative Intrusion Detection Algorithm for Mobile Ad-Hoc Network , 2007, 6th International Conference on Computer Information Systems and Industrial Management Applications (CISIM'07).

[13]  Murali S. Kodialam,et al.  Detecting network intrusions via sampling: a game theoretic approach , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[14]  Tomasz R. Bielecki Review of continuous-time Markov chains and applications [Book Review] , 2000, IEEE Transactions on Automatic Control.