Intrusion Detection System (IDS) Techniques and Responses for Mobile Wireless Networks

In recent years, the rapidly expanding area of mobile and wireless computing applications was definitely redefined the concept of network security. Even though that wireless had opened a new and exiting world with its advancing technology it is no doubt that it is popularity is on the rise. However, the biggest concern with either wireless or mobile computing applications in security. It can no longer be effective in the traditional way of securing networks with the use of firewalls and even with the use of stronger encryption algorithm keys. The need to develop and research for new structures and methods to protect and define the wireless networks and the mobile computing applications is becoming more and more evident. In this report, we will conduct an in-depth analysis of the weaknesses of the wireless networks and hence proved why the use of an intrusion detection system is of great importance in securing the backbone of mobile computing field. This would also involve detecting anomalies in the mobile ad-hoc network including inconsistencies in the routing tables and activities on other layers

An adaptive distributed Intrusion detection system architecture using multi agents

Intrusion detection systems are used for monitoring the network data, analyze them and find the intrusions if any. The major issues with these systems are the time taken for analysis, transfer of bulk data from one part of the network to another, high false positives and adaptability to the future threats. These issues are addressed here by devising a framework for intrusion detection. Here, various types of co-operating agents are distributed in the network for monitoring, analyzing, detecting and reporting. Analysis and detection agents are the mobile agents which are the primary detection modules for detecting intrusions. Their mobility eliminates the transfer of bulk data for processing. An algorithm named territory is proposed to avoid interference of one analysis agent with another one. A communication layout of the analysis and detection module with other modules is depicted. The inter-agent communication reduces the false positives significantly. It also facilitates the identification of distributed types of attacks. The co-ordinator agents log various events and summarize the activities in its network. It also communicates with co-ordinator agents of other networks. The system is highly scalable by increasing the number of various agents if needed. Centralized processing is avoided here to evade single point of failure. We created a prototype and the experiments done gave very promising results showing the effectiveness of the system