A General Cooperative Intrusion Detection Architecture for MANETs
- 31 March 2005
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
Intrusion detection in MANETs is challenging because these networks change their topologies dynamically; lack concentration points where aggregated traffic can be analyzed; utilize infrastructure protocols that are susceptible to manipulation; and rely on noisy, intermittent wireless communications. We present a cooperative, distributed intrusion detection architecture that addresses these challenges while facilitating accurate detection of MANET-specific and conventional attacks. The architecture is organized as a dynamic hierarchy in which detection data is acquired at the leaves and is incrementally aggregated, reduced, and analyzed as it flows upward toward the root. Security management directives flow downward from nodes at the top. To maintain communications efficiency, the hierarchy is automatically reconfigured as needed using clustering techniques in which clusterheads are selected based on topology and other criteria. The utility of the architecture is illustrated via multiple attack scenarios.
This publication has 11 references indexed in Scilit:
- How to misuse AODV: a case study of insider attacks against mobile ad-hoc routing protocols. Published by Institute of Electrical and Electronics Engineers (IEEE), 2004
- A cooperative intrusion detection system for ad hoc networks. Published by Association for Computing Machinery (ACM), 2003
- A specification-based intrusion detection system for AODV. Published by Association for Computing Machinery (ACM), 2003
- Intrusion-resistant ad hoc wireless networks. Published by Institute of Electrical and Electronics Engineers (IEEE), 2003
- Challenges in intrusion detection for wireless ad-hoc networks. Published by Institute of Electrical and Electronics Engineers (IEEE), 2003
- Distributed clustering for ad hoc networks. Published by Institute of Electrical and Electronics Engineers (IEEE), 2003
- Effective intrusion detection using multiple sensors in wireless ad hoc networks. Published by Institute of Electrical and Electronics Engineers (IEEE), 2003
- Performance analysis of the CONFIDANT protocol. Published by Association for Computing Machinery (ACM), 2002
- Core: A Collaborative Reputation Mechanism to Enforce Node Cooperation in Mobile Ad Hoc Networks. Published by Springer Science and Business Media LLC, 2002
- Mitigating routing misbehavior in mobile ad hoc networks. Published by Association for Computing Machinery (ACM), 2000