This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: Vulnerabilities of Intrusion Detection Systems in Mobile Ad-hoc Networks - The routing problem Ernesto Jiménez Caballero Helsinki University of Technology [email protected] Abstract intrusion detection systems is one of the most ac- tive fields of research in Mobile Ad-hoc Network’s (MANET) field. This systems are usually focused on detecting problems with the routing systems to prevent DoS and Man-in-the-middle and, despite of the amount of papers written which try to solve, many of them are just theoretical and have only been proved in simula- tions. In addition, most of them have common defi- ciencies. This paper reviews attacks against MANETs’ routing systems performed by intruders, some systems proposed to detect them, and their deficiencies. KEYWORDS: MANET, Routing, intrusion detection systems, Deficiencies 1 Introduction A wireless ad-hoc network is a group of devices which are connected without a fixed infrastructure such as ac- cess points or base stations. This lack of infrastruc- ture supposes the devices in the routing system, creat- ing multi-hop wireless paths linking nodes with those which are out of their wireless range. This kind of networks without fixed infrastructure and high mobility are ideal for places such as battle- field, and for establishing communications after natural disasters. However, in these environments network se- curity becomes critical. For this reason several research studies have been focused in ad-hoc security, which in- clude intrusion prevention and intrusion detection sys- tems. The prevention should prevent unauthorized ac- cess to the network; however, this is not always possi- ble, and this risk enforces the implementation of a sec- ond line of defense: intrusion detection. Traditional in- trusion detection systems (IDS) in wired networks ana- lyze the behavior of the elements in the network trying to identify anomalies produced by intruders and, once identified, start a response against the intruders. These detection systems are usually placed in those elements with more confluent traffic such as routers, gateways, and switches. Unfortunately, in ad-hoc networks, those elements are not uses, and it is not possible to guess which nodes will route more traffic from its neighbors and install IDS systems only in those nodes. This is the reason justifying the proposal from Zhang  of a distributed intrusion detection system where every host in the network investigates possible misbehaves of their neighbors. One of the most important things to secure in the ad- hoc networks is the routing system. Attacks against this part of the network system can conclude in Denial-of- service (DoS) or man-in-the-middle. Because of this, several researches done in this field have focused on those routing systems and how to detect misbehavior from the nodes and differentiate if the misbehavior is produced by an intruder or, in the other hand, if is the normal misbehave in mobile wireless networks (e.g....
View Full Document
- Spring '12