This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: Intrusion Detection for Wormhole Attacks in Ad hoc Networks a Survey and a Proposed Decentralized Scheme Marianne A. Azer Sherif M. El-Kassas Abdel Wahab F. Hassan Magdy S. El-Soudani Assistant Lecturer National Telecommunication Institute, Cairo Egypt Associate Professor American University, Cairo, Egypt Professor, Faculty of Engineering Cairo University,Cairo, Egypt Professor, Faculty of Engineering, Cairo University,Cairo, Egypt [email protected] [email protected] [email protected] [email protected] Abstract The dynamic and cooperative nature of ad hoc networks presents substantial challenges in securing and detecting attacks in these networks. A particularly severe security attack, called the wormhole attack, has been introduced in the context of ad-hoc networks. During the attack, a malicious node captures packets from one location in the network, and tunnels them to another malicious node at a distant point, which replays them locally. In this paper we survey and classify the solutions that have been proposed in the literature for this attack and propose a decentralized scheme for intrusion detection based on the theory of diffusion of innovations. We argue that the proposed approach is more appropriate to address ad hoc networks’ dynamic and cooperative nature especially at the application level. 1. Introduction The dynamic and cooperative nature of ad hoc networks present substantial challenges in securing these networks. There are recent research efforts in providing various attack prevention schemes, e.g. authentication and encryption schemes, to secure the ad hoc routing protocols. Such security measures are not sufficient all the time, and intrusion detection remains an important security goal to complement the various existing detection mechanisms. Intrusion detection techniques can be mapped into three categories : signature-based detection, anomaly detection, and specification-based detection. However, the special characteristics of ad hoc network, like the lack of support infrastructure, dynamic network topology, distributed operation, bandwidth constraints, variable capacity links, use of low power devices, limited CPU and memory, limited physical security, and complexity of design of network protocols impose lots of limitations to the intrusion detection system needed for those networks. In this paper we propose a decentralized intrusion detection scheme based on the theory of the diffusion of innovations. The remainder of this paper is organized as follows. Section 2 contains a brief introduction to the routing protocol considered throughout this paper, in addition to a description of the wormhole attack and a classification of its proposed solutions. In section 3, a decentralized intrusion detection scheme is proposed. Finally in section 4, conclusions and future works are given....
View Full Document
- Spring '12
- routing protocol, intrusion detection, Ad Hoc Networks, wormhole attack