A survey on MANET intrusion detection

In recent years, the security issues on MANET have become one of the primary concerns. The MANET is more vulnerable to be attacked than wired network. These vulnerabilities are nature of the MANET structure that cannot be removed. As a result, attacks with malicious intent have been and will be devised to exploit these vulnerabilities and to cripple the MANET operation. Attack prevention measures, such as authentication and encryption, can be used as the first line of defense for reducing the possibilities of attacks. However, these techniques have a limitation on the effects of prevention techniques in general and they are designed for a set of known attacks. They are unlikely to prevent newer attacks that are designed for circumventing the existing security measures. For this reason, there is a need of second mechanism to “detect and response� these newer attacks, i.e. “intrusion detection�. This paper aims to explore and to classify current techniques of Intrusion Detection System (IDS) aware MANET. To support these ideas, a discussion regarding attacks, IDS architectures, and researches achievement on MANET are presented inclusively, and then the comparison among several researches achievement will be evaluated based on these parameters. By this way, several existing security problems on MANET can be probed quickly for future researches.

[1]  Robert K. Cunningham,et al.  A taxonomy of computer worms , 2003, WORM '03.

[2]  Nitin H. Vaidya,et al.  Detection and handling of MAC layer misbehavior in wireless networks , 2003, 2003 International Conference on Dependable Systems and Networks, 2003. Proceedings..

[3]  Alfonso Valdes,et al.  Live Traffic Analysis of TCP/IP Gateways , 1998, NDSS.

[4]  Biswanath Mukherjee,et al.  A Software Platform for Testing Intrusion Detection Systems , 1997, IEEE Softw..

[5]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[6]  Srdjan Capkun,et al.  GPS-free Positioning in Mobile Ad Hoc Networks , 2001, Proceedings of the 34th Annual Hawaii International Conference on System Sciences.

[7]  Sudipto Guha,et al.  A constant-factor approximation algorithm for the k-median problem (extended abstract) , 1999, STOC '99.

[8]  Amitabh Mishra,et al.  Intrusion detection in wireless ad hoc networks , 2004, IEEE Wireless Communications.

[9]  Olle Engstrand,et al.  Systematicity of phonetic variation in natural discourse , 1992, Speech Commun..

[10]  Karl N. Levitt,et al.  A general cooperative intrusion detection architecture for MANETs , 2005, Third IEEE International Workshop on Information Assurance (IWIA'05).

[11]  Dorothy E. Denning,et al.  An Intrusion-Detection Model , 1987, IEEE Transactions on Software Engineering.

[12]  Marc Dacier,et al.  A revised taxonomy for intrusion-detection systems , 2000, Ann. des Télécommunications.

[13]  Ulf Lindqvist,et al.  Using Model-based Intrusion Detection for SCADA Networks , 2006 .

[14]  Wenke Lee,et al.  Intrusion Detection Techniques for Mobile Wireless Networks , 2003, Wirel. Networks.

[15]  Koral Ilgun,et al.  USTAT: a real-time intrusion detection system for UNIX , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[16]  Niels Provos,et al.  Detecting Steganographic Content on the Internet , 2002, NDSS.

[17]  W. G. Figel,et al.  Vehicle location by a signal attenuation method , 1969 .

[18]  Anupam Joshi,et al.  Secure Routing and Intrusion Detection in Ad Hoc Networks , 2005, Third IEEE International Conference on Pervasive Computing and Communications.

[19]  Fabio Tesser,et al.  High performance Italian continuous "digit" recognition , 2000, INTERSPEECH.

[20]  Andreas Pfitzmann,et al.  Attacks on Steganographic Systems , 1999, Information Hiding.

[21]  Rajarathnam Chandramouli,et al.  A mathematical framework for active steganalysis , 2003, Multimedia Systems.

[22]  Hany Farid,et al.  Detecting hidden messages using higher-order statistical models , 2002, Proceedings. International Conference on Image Processing.

[23]  Gregory A. Hansen,et al.  The Optimized Link State Routing Protocol , 2003 .

[24]  Meng Joo Er,et al.  Face recognition with radial basis function (RBF) neural networks , 2002, IEEE Trans. Neural Networks.

[25]  Srdjan Capkun,et al.  Self-organization in mobile ad hoc networks: the approach of Terminodes , 2001, IEEE Commun. Mag..

[26]  Xuezeng Pan,et al.  Effective Steganalysis Based on Statistical Moments of Differential Characteristic Function , 2006, 2006 International Conference on Computational Intelligence and Security.

[27]  Harold Joseph Highland,et al.  The 17th NSCS abstructArtificial Intelligence and Intrusion Detection: Current and Future Directions : Jeremy Frank, University of California, Davis, CA , 1995 .

[28]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[29]  Zygmunt J. Haas,et al.  Securing ad hoc networks , 1999, IEEE Netw..

[30]  John W. Sammon,et al.  An Optimal Set of Discriminant Vectors , 1975, IEEE Transactions on Computers.

[31]  Chongzhao Han,et al.  Feature Selection Based on Bhattacharyya Distance: A Generalized Rough Set Method , 2006, 2006 6th World Congress on Intelligent Control and Automation.

[32]  Christopher Krügel,et al.  Applying Mobile Agent Technology to Intrusion Detection , 2001 .

[33]  John J. Shynk,et al.  Statistical analysis of the single-layer backpropagation algorithm. I. mean weight behavior , 1993, IEEE Trans. Signal Process..

[34]  B. R. Badrinath,et al.  Ad hoc positioning system (APS) using AOA , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[35]  Ratan K. Guha,et al.  Effective intrusion detection using multiple sensors in wireless ad hoc networks , 2003, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the.

[36]  Deborah Estrin,et al.  Geography-informed energy conservation for Ad Hoc routing , 2001, MobiCom '01.

[37]  Charles E. Perkins,et al.  Highly Dynamic Destination-Sequenced Distance-Vector Routing (DSDV) for mobile computers , 1994, SIGCOMM.

[38]  David B. Johnson,et al.  The Dynamic Source Routing Protocol for Mobile Ad Hoc Networks , 2003 .

[39]  R. Chandramouli,et al.  Secret key estimation in sequential steganography , 2005 .

[40]  J. Werb,et al.  Designing a positioning system for finding things and people indoors , 1998 .

[41]  Imrich Chlamtac,et al.  Mobile ad hoc networking: imperatives and challenges , 2003, Ad Hoc Networks.

[42]  A. Laub,et al.  The singular value decomposition: Its computation and some applications , 1980 .

[43]  Yih-Chun Hu,et al.  Rushing attacks and defense in wireless ad hoc network routing protocols , 2003, WiSe '03.

[44]  Michèle Basseville,et al.  Detection of abrupt changes: theory and application , 1993 .

[45]  Bruce A. Eisenstein,et al.  A Declustering Criterion for Feature Extraction in Pattern Recognition , 1978, IEEE Transactions on Computers.

[46]  Chris Herringshaw,et al.  Detecting Attacks on Networks , 1997, Computer.

[47]  John W. Sammon,et al.  An Optimal Discriminant Plane , 1970, IEEE Transactions on Computers.

[48]  Malcolm I. Heywood,et al.  Selecting Features for Intrusion Detection: A Feature Relevance Analysis on KDD 99 , 2005, PST.

[49]  Richard P. Lippmann,et al.  An introduction to computing with neural nets , 1987 .

[50]  P. GALLINARI,et al.  On the relations between discriminant analysis and multilayer perceptrons , 1991, Neural Networks.

[51]  Chengyun Yang,et al.  Image steganalysis based on moments of characteristic functions using wavelet decomposition, prediction-error image, and neural network , 2005, 2005 IEEE International Conference on Multimedia and Expo.

[52]  Gustavus J. Simmons,et al.  The Prisoners' Problem and the Subliminal Channel , 1983, CRYPTO.

[53]  Ross J. Anderson,et al.  On the limits of steganography , 1998, IEEE J. Sel. Areas Commun..

[54]  R. Fisher THE USE OF MULTIPLE MEASUREMENTS IN TAXONOMIC PROBLEMS , 1936 .

[55]  Cannady,et al.  New Methods of Intrusion Detection Using Control-Loop Measurement , 1996 .

[56]  Jim Mellander,et al.  Intrusion Detection & Prevention , 2003 .

[57]  Bede Liu,et al.  On the use of singular value decomposition and decimation in discrete-time band-limited signal extrapolation , 1984 .

[58]  Andy Hopper,et al.  The active badge location system , 1992, TOIS.

[59]  M. Hata,et al.  Mobile location using signal strength measurements in a cellular system , 1980, IEEE Transactions on Vehicular Technology.

[60]  D. Hammerstrom,et al.  Neural networks at work , 1993, IEEE Spectrum.

[61]  Eugene H. Spafford,et al.  A PATTERN MATCHING MODEL FOR MISUSE INTRUSION DETECTION , 1994 .

[62]  Simon Pietro Romano,et al.  Evaluating Pattern Recognition Techniques in Intrusion Detection Systems , 2005, PRIS.

[63]  Greg Welch,et al.  The HiBall Tracker: high-performance wide-area tracking for virtual and augmented environments , 1999, VRST '99.

[64]  Biswanath Mukherjee,et al.  A network security monitor , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[65]  Kymie M. C. Tan,et al.  Detection and classification of TCP/IP network services , 1997, Proceedings 13th Annual Computer Security Applications Conference.

[66]  Klaus J. Kohler,et al.  Segmental Reduction in Connected Speech in German: Phonological Facts and Phonetic Explanations , 1990 .

[67]  M.R. Lyu,et al.  An authentication service against dishonest users in mobile ad hoc networks , 2004, 2004 IEEE Aerospace Conference Proceedings (IEEE Cat. No.04TH8720).

[68]  Régine André-Obrecht Automatic segmentation of continuous speech signals , 1985 .

[69]  Yoshio Hirose,et al.  Backpropagation algorithm which varies the number of hidden units , 1989, International 1989 Joint Conference on Neural Networks.

[70]  Charles E. Perkins,et al.  Ad hoc On-Demand Distance Vector (AODV) Routing , 2001, RFC.

[71]  Lawrence R. Rabiner,et al.  Some preliminary experiments in the recognition of connected digits , 1975 .

[72]  Hari Balakrishnan,et al.  6th ACM/IEEE International Conference on on Mobile Computing and Networking (ACM MOBICOM ’00) The Cricket Location-Support System , 2022 .

[73]  John W. Tukey,et al.  A Projection Pursuit Algorithm for Exploratory Data Analysis , 1974, IEEE Transactions on Computers.

[74]  Jing-Yu Yang,et al.  A generalized optimal set of discriminant vectors , 1992, Pattern Recognit..

[75]  Hervé Debar,et al.  A neural network component for an intrusion detection system , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[76]  Jiri Fridrich,et al.  Steganalysis of LSB encoding in color images , 2000, 2000 IEEE International Conference on Multimedia and Expo. ICME2000. Proceedings. Latest Advances in the Fast Changing World of Multimedia (Cat. No.00TH8532).

[77]  Md. Sah Salam,et al.  An initial experiment on syllable based approach for Malay digit recognition , 2003 .

[78]  Jack Sklansky,et al.  An overview of mapping techniques for exploratory pattern analysis , 1988, Pattern Recognit..

[79]  N. Nasser,et al.  Using mobile agents for intrusion detection in wireless ad hoc networks , 2005, Second IFIP International Conference on Wireless and Optical Communications Networks, 2005. WOCN 2005..

[80]  John W. Sammon,et al.  Interactive Pattern Analysis and Classification , 1970, IEEE Transactions on Computers.

[81]  Karl N. Levitt,et al.  System Health and Intrusion Monitoring Using a Hierarchy of Constraints , 2001, Recent Advances in Intrusion Detection.

[82]  Aikaterini Mitrokotsa,et al.  DDoS attacks and defense mechanisms: classification and state-of-the-art , 2004, Comput. Networks.

[83]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[84]  Andy Hopper,et al.  A new location technique for the active office , 1997, IEEE Wirel. Commun..

[85]  Slawomir T. Wierzchon,et al.  Intelligent Information Systems 2002 , 2002 .

[86]  Jing-Yu Yang,et al.  Optimal discriminant plane for a small number of samples and design method of classifier on the plane , 1991, Pattern Recognit..

[87]  Wenke Lee,et al.  Intrusion detection in wireless ad-hoc networks , 2000, MobiCom '00.

[88]  D. McCrady,et al.  Mobile ranging using low-accuracy clocks , 2000 .

[89]  William A. Pearlman,et al.  Steganalysis of additive-noise modelable information hiding , 2003, IS&T/SPIE Electronic Imaging.

[90]  Edzard S. Gelsema,et al.  Mapping algorithms in ispahan , 1980, Pattern Recognit..

[91]  Udo W. Pooch,et al.  Towards adaptive intrusion detection in mobile ad hoc networks , 2004, IEEE Global Telecommunications Conference, 2004. GLOBECOM '04..

[92]  Haiyun Luo,et al.  Security in mobile ad hoc networks: challenges and solutions , 2004, IEEE Wireless Communications.

[93]  Siwei Lyu,et al.  Steganalysis using color wavelet statistics and one-class support vector machines , 2004, IS&T/SPIE Electronic Imaging.

[94]  R. A. Jones,et al.  A Dimensionality Reduction Technique Based on a Least Squared Error Criterion , 1982, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[95]  Salvatore J. Stolfo,et al.  A data mining framework for building intrusion detection models , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[96]  Sushil Jajodia,et al.  Exploring steganography: Seeing the unseen , 1998 .

[97]  Lawrence R. Rabiner,et al.  Some preliminary experiments in the recognition of connected digits , 1975 .

[98]  Nasir D. Memon,et al.  Steganalysis of halftone images , 2005, Proceedings. (ICASSP '05). IEEE International Conference on Acoustics, Speech, and Signal Processing, 2005..

[99]  Jean-Pierre Hubaux,et al.  The quest for security in mobile ad hoc networks , 2001, MobiHoc '01.

[100]  John J. Shynk,et al.  Statistical analysis of the single-layer backpropagation algorithm. II. MSE and classification performance , 1993, IEEE Trans. Signal Process..

[101]  George Kesidis,et al.  Secure routing in ad hoc networks and a related intrusion detection problem , 2003, IEEE Military Communications Conference, 2003. MILCOM 2003..

[102]  Peter G. Neumann,et al.  EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances , 1997, CCS 2002.

[103]  Hervé Debar,et al.  An application of a recurrent network to an intrusion detection system , 1992, [Proceedings 1992] IJCNN International Joint Conference on Neural Networks.

[104]  Josef Kittler,et al.  A new approach to feature selection based on the Karhunen-Loeve expansion , 1973, Pattern Recognit..

[105]  T. Hardjono,et al.  Secure group communications for wireless networks , 2001, 2001 MILCOM Proceedings Communications for Network-Centric Operations: Creating the Information Force (Cat. No.01CH37277).

[106]  Peng Ning,et al.  Hypothesizing and reasoning about attacks missed by intrusion detection systems , 2004, TSEC.

[107]  H. Javitz,et al.  IDES : The Enhanced Prototype A Real-Time Intrusion-Detection Expert System , 1988 .

[108]  Leandros Tassiulas,et al.  Proximity awareness and fast connection establishment in Bluetooth , 2000, 2000 First Annual Workshop on Mobile and Ad Hoc Networking and Computing. MobiHOC (Cat. No.00EX444).

[109]  Paul Helman,et al.  Statistical Foundations of Audit Trail Analysis for the Detection of Computer Misuse , 1993, IEEE Trans. Software Eng..

[110]  David P. Williamson,et al.  Improved approximation algorithms for capacitated facility location problems , 1999, IPCO.

[111]  Richard A. Kemmerer,et al.  Penetration state transition analysis: A rule-based intrusion detection approach , 1992, [1992] Proceedings Eighth Annual Computer Security Application Conference.

[112]  Haiyun Luo,et al.  Adaptive Security for Multi-layer Ad-hoc Networks , 2002 .

[113]  Rebecca Gurley Bace,et al.  Intrusion Detection , 2018, Encyclopedia of Social Network Analysis and Mining. 2nd Ed..

[114]  Qiang Chen,et al.  Probabilistic techniques for intrusion detection based on computer audit data , 2001, IEEE Trans. Syst. Man Cybern. Part A.

[115]  Jérôme Farinas,et al.  Rhythmic unit extraction and modelling for automatic language identification , 2005, Speech Commun..

[116]  Yih-Chun Hu Packet Leashes : A Defense against Wormhole Attacks in Wireless Ad Hoc Networks , 2001 .

[117]  Steven A. Borbash,et al.  Birthday protocols for low energy deployment and flexible neighbor discovery in ad hoc wireless networks , 2001, MobiHoc '01.

[118]  Rayford B. Vaughn,et al.  An improved algorithm for fuzzy data mining for intrusion detection , 2002, 2002 Annual Meeting of the North American Fuzzy Information Processing Society Proceedings. NAFIPS-FLINT 2002 (Cat. No. 02TH8622).

[119]  L. El Ghaoui,et al.  Convex position estimation in wireless sensor networks , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[120]  Deborah Estrin,et al.  Self-configuring localization systems: Design and Experimental Evaluation , 2004, TECS.

[121]  Régine André-Obrecht,et al.  A new statistical approach for the automatic segmentation of continuous speech signals , 1988, IEEE Trans. Acoust. Speech Signal Process..

[122]  Stephanie Forrest,et al.  Infect Recognize Destroy , 1996 .

[123]  Jim Mellander,et al.  Intrusion Detection , 2003 .

[124]  Geoffrey E. Hinton,et al.  Learning internal representations by error propagation , 1986 .

[125]  B. Hofmann-Wellenhof,et al.  Global Positioning System , 1992 .

[126]  Teuvo Kohonen,et al.  Self-Organizing Maps , 2010 .

[127]  Jing-Yu Yang,et al.  Optimal fisher discriminant analysis using the rank decomposition , 1992, Pattern Recognit..

[128]  Lucas M. Venter,et al.  A comparison of Intrusion Detection systems , 2001, Comput. Secur..

[129]  Jie Wu,et al.  A Survey on Intrusion Detection in Mobile Ad Hoc Networks , 2007 .

[130]  Ricardo Staciarini Puttini,et al.  Security in Ad Hoc Networks: a General Intrusion Detection Architecture Enhancing Trust Based Approaches , 2002, Wireless Information Systems.

[131]  K. Tan,et al.  The application of neural networks to UNIX computer security , 1995, Proceedings of ICNN'95 - International Conference on Neural Networks.

[132]  Sarel van Vuuren,et al.  Improved neural network training of inter-word context units for connected digit recognition , 1998, Proceedings of the 1998 IEEE International Conference on Acoustics, Speech and Signal Processing, ICASSP '98 (Cat. No.98CH36181).

[133]  Panagiotis Papadimitratos,et al.  Path set selection in mobile ad hoc networks , 2002, MobiHoc '02.

[134]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2002, MobiCom '02.

[135]  Todd L. Heberlein,et al.  Network intrusion detection , 1994, IEEE Network.

[136]  Jack Sklansky,et al.  Experiments on mapping techniques for exploratory pattern analysis , 1988, Pattern Recognit..

[137]  Udo W. Pooch,et al.  Alert aggregation in mobile ad hoc networks , 2003, WiSe '03.

[138]  Olivier Rosec,et al.  Brandt's GLR method & refined HMM segmentation for TTS synthesis application , 2005, 2005 13th European Signal Processing Conference.