Survey on EAACK - A Secure Intrusion-Detection System for MANETs

The past few decade migration to wireless network from wired network has been a global trend. Wireless network made it possible in many applications to have mobility and scalability. Among all the modern wireless networks, Mobile Ad hoc NETwork (MANET) is one of the most important and unique applications. MANET is more popular now days. On the conflicting to traditional network architecture, MANET not has a fixed network infrastructure; every single node works as both a transmitter and a receiver. Nodes within same communication range are communicated directly with each other. Otherwise, they depend on their neighbors to relay messages. Because of the self-configuring ability of nodes in MANET made it popular among critical mission applications like military use or emergency recovery. Now days, security has become a very important service in Mobile Adhoc Network. As Compared with other networks, MANETs are more vulnerable to various types of attacks. This paper presents an overview of Secure Intrusion-Detection Systems for discovering malicious nodes and attacks on MANETs. Because of some special characteristics of MANETs, prevention mechanisms alone are not satisfied to manage the secure networks. In this, detection should be focused as another part before an attacker can damage the structure of the system. This paper gives an overall overview of IDS architecture for improving the security level of MANETs. For enhancing the security based on security attributes and then various algorithms like RSA and DSA

Protection of an intrusion detection engine with watermarking in ad hoc networks

Mobile ad hoc networks have received great attention in recent years, mainly due to the evolution of wireless networking and mobile computing hardware. Nevertheless, many inherent vulnerabilities exist in mobile ad hoc networks and their applications that affect the security of wireless transactions. As intrusion prevention mechanisms, such as encryption and authentication, are not sufficient we need a second line of defense, Intrusion Detection. In this pa-per we present an intrusion detection engine based on neural networks and a protection method based on watermarking techniques. In particular, we exploit information visualization and machine learning techniques in order to achieve intrusion detection and we authenticate the maps produced by the application of the intelligent techniques using a novel combined watermarking embedding method. The performance of the proposed model is evaluated under different traffic conditions, mobility patterns and visualization metrics

Collaborative Profile Assessment to Secure MANET by DDOS Attack

In the Mobile Ad-hoc Network, nodes bind together in the centralised authority's absence because reliability is one of the main challenges. The MANETS protective architecture provides some consequential problems due to the specific features of MANETS. The DDoS attack in the network is not quickly detectable. A management infrastructure that guarantees extensive security and the required network performance from attacks must be developed to overcome the barriers. Direct methods cannot be found successfully in mobile ad hoc networks in which network topology differs animatedly. Different DDoS security systems boost the network's output in front of an attacker to deactivate mismanagement, like NTRS. In this study, the Distributed Profile Evaluation Mechanism (DPEAP) DDoS Attack Effect in the Network proposes that compromise packets tossed out of the network beyond the network's capacity. The NTRS was a modern methodology in the study, and the DPEAP suggested is a new technique. The DPEAP identifies the attacker's behaviour by matching an attacker's profile with the ordinary nodes on the network, provided that the Node Profile is regular in the foaming of the proper network data delivery. The DPEAP then declare that the attacker's network has no hazard. In contrast with NTRS in MANET, the DPEAP method is stable and efficient

Game Theory Approaches in Taxonomy of Intrusion Detection for MANETs

MANETs are self configuring networks that are formed by a set of wireless mobile nodes and have no fixed network infrastructure nor administrative support. Since transmission range of wireless network interfaces is limited, forwarding hosts may be needed. Each node in a wireless ad hoc network functions is as both a host and a router. Due to their communication type and resources constraint, MANETs are vulnerable to diverse types of attacks and intrusions so, security is a critical issue. Network security is usually provided in the three phases: intrusion prevention, intrusion detection and intrusion tolerance phase. However, the network security problem is far from completely solved. Researchers have been exploring the applicability of game theory approaches to address the network security issues. This paper reviews some existing game theory solutions which are designed to enhance network security in the intrusion detection phase. Keywords: Mobile Ad hoc Network (MANET), Intrusion detection system (IDS), Cluster head, host based, Game theory

A Survey in Wireless Ad hoc Network Security and Secure Energy Optimization Approaches for Routing

Wireless ad hoc network nodes together establish a network infrastructure without using any access points or base stations for communicates using multi hop schemes. It has significant characteristics like dynamic topologies, constrained in bandwidth and limited resource a high challenge in implementing security with optimized energy resource utilization which is the key aspects while designing modern ad hoc networks architecture. Ad hoc Networks nodes are limited in broadcast range, and also their capabilities of computation and storage are well limited to their energy resources. This limitation of resources in wireless ad hoc creates high challenges in incorporating security mechanism for routing security and privacy maintenance. This paper investigates the various issues and challenges in secure routing and energy optimization during communication in wireless ad hoc network towards security and secure energy utilization improvisation

A Survey of Security Challenges and Issues in Manet

Nodes intriguing element in Mobile Ad-hoc Networks (MANET) are predictable to hold to the rules stated by the routing protocol utilized in the network. Safe routing protocols endeavor to decrease the ill-effect of nodes under the control of malicious entities who intentionally violate the protocol.. There are so many generic tools which are universal for individual as well as organizations for customers to offer protection which comprises Antivirus, Ant spam, etc., and network securities have turn into important issue in MANET. Security is one of the major issues in the MANET particularly w.r.t. complexity and size of the network. The main focus of this survey is to discuss & represent special characteristics of security in MANET and also apply several of the solutions security threats within MANET network similar to intruder activities, tapping and integrity, MANET link layer and network layer operations w.r.t. information security etc) w.r.t. MANET network. This Survey paper also discusses different number of security scenarios of MANET, Attacks in MANET and IDS in MANET. Keywords: AODV, MANET, Network Security, IDS, Attack

A technical review and comparative analysis of machine learning techniques for intrusion detection systems in MANET

Machine learning techniques are being widely used to develop an intrusion detection system (IDS) for detecting and classifying cyber attacks at the network-level and the host-level in a timely and automatic manner. However, Traditional Intrusion Detection Systems (IDS), based on traditional machine learning methods, lacks reliability and accuracy. Instead of the traditional machine learning used in previous researches, we think deep learning has the potential to perform better in extracting features of massive data considering the massive cyber traffic in real life. Generally Mobile Ad Hoc Networks have given the low physical security for mobile devices, because of the properties such as node mobility, lack of centralized management and limited bandwidth. To tackle these security issues, traditional cryptography schemes can-not completely safeguard MANETs in terms of novel threats and vulnerabilities, thus by applying Deep learning methods techniques in IDS are capable of adapting the dynamic environments of MANETs and enables the system to make decisions on intrusion while continuing to learn about their mobile environment. An IDS in MANET is a sensoring mechanism that monitors nodes and network activities in order to detect malicious actions and malicious attempt performed by Intruders. Recently, multiple deep learning approaches have been proposed to enhance the performance of intrusion detection system. In this paper, we made a systematic comparison of three models, Inceprtion architecture convolutional neural network Inception-CNN, Bidirectional long short-term memory (BLSTM) and deep belief network (DBN) on the deep learning-based intrusion detection systems, using the NSL-KDD dataset containing information about intrusion and regular network connections, the goal is to provide basic guidance on the choice of deep learning methods in MANET

Analysis of Black hole Attack in Ad hoc On-Demand Distance Vector (AODV) Routing Protocol : Vehicular Ad-hoc Networks (VANET) Context

In past years, popularity of Mobile Ad hoc Networks has led to the conception of Vehicular Ad hoc Networks. These networks must be highly secure before their implementation in real world. One of the vital aspects of these networks is routing protocol. Most of the protocols in VANET acknowledge all nodes in a network to be genuine by default. But there might be malicious nodes which can make the network vulnerable to various attacks. One such attacks is a black hole attack on AODV routing protocol. Because of its popularity, AODV and black hole attack are taken into consideration for this thesis. The aim of the thesis is to analyze effects of black hole attack on AODV and understand security need of routing protocols in VANET. The experimentation for this thesis was performed with 40, 60 and 80 nodes in network simulator (NS). The performance metrics such as average throughput, end to end delay and packet delivery ratio of each assumed scenarios under blackhole attack and with prevention method are calculated. The obtained calculations are compared to analyze the network performance of AODV. The results from the simulator demonstrate that overall network performance of AODV increased with black hole prevention algorithm in comparison to AODV under black hole attack only. Out of all the performance metrics that are used to analyze the network performance, the average throughput of AODV is significantly increased by 21 percent (approximately) when the mitigation algorithm is applied. The prevention approach used for the thesis can make AODV perform better against black hole attack. However, this approach is limited to a small to medium sized networks only

Efficiency and Accuracy Enhancement of Intrusion Detection System Using Feature Selection and Cross-layer Mechanism

The dramatic increase in the number of connected devices and the significant growth of the network traffic data have led to many security vulnerabilities and cyber-attacks. Hence, developing new methods to secure the network infrastructure and protect data from malicious and unauthorized access becomes a vital aspect of communication network design. Intrusion Detection Systems (IDSs), as common widely used security techniques, are critical to detect network attacks and unauthorized network access and thus minimize further cyber-attack damages. However, there are a number of weaknesses that need to be addressed to make reliable IDS for real-world applications. One of the fundamental challenges is the large number of redundant and non-relevant data. Feature selection emerges as a necessary step in efficient IDS design to overcome high dimensionality problem and enhance the performance of IDS through the reduction of its complexity and the acceleration of the detection process. Moreover, detection algorithm has significant impact on the performance of IDS. Machine learning techniques are widely used in such systems which is studied in details in this dissertation. One of the most destructive activities in wireless networks such as MANET is packet dropping. The existence of the intrusive attackers in the network is not the only cause of packet loss. In fact, packet drop can occur because of faulty network. Hence, in order detect the packet dropping caused by a malicious activity of an attacker, information from various layers of the protocol is needed to detect malicious packet loss effectively. To this end, a novel cross-layer design for malicious packet loss detection in MANET is proposed using features from physical layer, network layer and MAC layer to make a better detection decision. Trust-based mechanism is adopted in this design and a packet loss free routing algorithm is presented accordingly