zone based ad hoc IDS - Zone-Based Intrusion Detection for...

Zone-Based Intrusion Detection for Mobile Ad Hoc Networks*

Bo Sun, Dept. of Computer Science, Texas A&M University, College Station TX 77843-3112, b0s6067@cs.tamu.edu
Kui Wu, Dept. of Computer Science, University of Victoria, BC, Canada V8W 3P6, wkui@cs.uvic.ca
Udo W. Pooch, Dept. of Computer Science, Texas A&M University, College Station TX 77843-3112, pooch@cs.tamu.edu

ABSTRACT

Intrusion Detection Systems (IDSs) for Mobile Ad hoc NETworks (MANETs) are indispensable since traditional intrusion prevention based techniques are not strong enough to protect MANETs. However, the dynamic environment of MANETs makes the design and implementation of IDSs a very challenging task. In this paper, we present a non-overlapping Zone-Based Intrusion Detection System (ZBIDS) that fits the requirement of MANETs. On the local detection part, we present a general intrusion detection agent model and propose a Markov Chain based anomaly detection algorithm. We focus on the protection of MANET routing protocols and present the details regarding feature selection, data collection, data preprocess, Markov Chain construction, classifier construction and parameter tuning. We demonstrate that local detection alone cannot achieve desirable performance. Therefore, we further propose a collaboration mechanism among ZBIDS agents and an aggregation algorithm used by gateway nodes. With alert information from a wider area, gateway nodes' IDS can effectively suppress many falsified alerts and provide more diagnostic information about the occurring attacks. Security officers can have a general understanding about the attacks using the proposed MANET Intrusion Detection Message Exchange Format (MIDMEF). We carry out extensive simulation to evaluate the performance of ZBIDS at different mobility levels. Simulation results show that ZBIDS can achieve desirable performance and meet the security requirement of MANETs.

* This paper is the extension of our conference papers [3,4].

I. INTRODUCTION

The unique characteristics of Mobile Ad hoc NETworks (MANETs), such as arbitrary node movement and lack of centralized control, make them vulnerable to a wide variety of outside and inside attacks [1]. How to provide effective security protection for MANETs has become one of the main challenges in deploying MANET in reality.

Intrusion prevention techniques, such as encryption and authentication, can deter attackers from malicious behavior. But prevention based techniques alone cannot totally eliminate intrusions. The security research in the Internet demonstrates that sooner or later a smart and determined attacker can exploit some security holes to break into a system no matter how many intrusion prevention measures are deployed. Therefore, intrusion detection systems (IDSs), serving as the second line of defense, are indispensable for a reliable system. IDSs for MANETs can complement and integrate with existing MANET intrusion prevention methods to provide highly survivable networks [1].
This note was uploaded on 03/19/2012 for the course COMPUTER S 2143 taught by Professor Singh during the Spring '12 term at Punjab Engineering College.
