Intrusion Detection System for Mobile Ad hoc Networks Based on the Behavior of Nodes

A Mobile Ad hoc Network (MANET) can be defined as a network of mobile nodes that communicate over the wireless radio communication channel. It is also defined as a network without any underlying infrastructure and offers unrestricted mobility. Due to their open nature and lack of infrastructure, security for MANETs has become an intricate problem. To transmit data over such a network, generally any routing protocol that enables dynamic, selfstarting multi hop routing between mobile nodes is used. However these routing protocols are vulnerable to various kinds of attacks. The conventional security mechanisms of protecting a network are not sufficient for these networks. Hence a second level of defense to detect and respond to the security problem called an Intrusion Detection System (IDS) is required. An IDS based on anomaly based intrusion detection that works by checking the behavior of the nodes was proposed to overcome some of the attacks like blackhole, grayhole and flooding attacks. Generally the malicious nodes demonstrate a different behavioral pattern of all the other normal nodes. So the specified approach where a Data Transmission Quality (DTQ) function is used to determine the behavior of the nodes as malicious or legitimate is used. The DTQ function is defined in such a way that it will be close to a constant or keep changing smoothly for genuine nodes and will keep on diminishing for malicious nodes. The proposed method was implemented using AODV as the routing protocol for transmitting data. The evaluation results show that the performance of the AODV protocol under attacks has improved significantly by using the proposed approach.

[1]  Hitesh Tewari,et al.  Real-time intrusion detection for ad hoc networks , 2005, Sixth IEEE International Symposium on a World of Wireless Mobile and Multimedia Networks.

[2]  Zygmunt J. Haas,et al.  Securing ad hoc networks , 1999, IEEE Netw..

[3]  Dharma P. Agrawal,et al.  Security enhancements in AODV protocol for wireless ad hoc networks , 2001, IEEE 54th Vehicular Technology Conference. VTC Fall 2001. Proceedings (Cat. No.01CH37211).

[4]  Songwu Lu,et al.  SCAN: self-organized network-layer security in mobile ad hoc networks , 2006, IEEE Journal on Selected Areas in Communications.

[5]  Calvin Ko,et al.  Challenges in intrusion detection for wireless ad-hoc networks , 2003, 2003 Symposium on Applications and the Internet Workshops, 2003. Proceedings..

[6]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[7]  Godwin Ansa,et al.  Detection and accusation of packet forwarding misbehaviour in mobile ad-hoc networks , 2008 .

[8]  Raman K. Mehra,et al.  Ensemble methods for anomaly detection and distributed intrusion detection in Mobile Ad-Hoc Networks , 2008, Inf. Fusion.

[9]  Marjan Kuchaki Rafsanjani,et al.  QAIDS: Quantitative and Agent based Intrusion Detection System , 2011, Comput. Inf. Sci..

[10]  Wenke Lee,et al.  Intrusion detection in wireless ad-hoc networks , 2000, MobiCom '00.

[11]  Mansoor Alam,et al.  Compromised Sensor Nodes Detection: A Quantitative Approach , 2008, 2008 The 28th International Conference on Distributed Computing Systems Workshops.

[12]  Dharma P. Agrawal,et al.  Routing security in wireless ad hoc networks , 2002, IEEE Commun. Mag..

[13]  A. Damodaram,et al.  Enhanced Intrusion Detection System for Malicious Node Detection in Mobile Ad hoc Networks using Data Transmission Quality of Nodes , 2014 .

[14]  John A. Clark,et al.  Intrusion Detection in Mobile Ad Hoc Networks , 2009, Guide to Wireless Ad Hoc Networks.

[15]  Karl N. Levitt,et al.  A specification-based intrusion detection system for AODV , 2003, SASN '03.

[16]  Bo Sun Intrusion detection in mobile ad hoc networks , 2004 .