Protection of an intrusion detection engine with watermarking in ad hoc networks

Mobile ad hoc networks have received great attention in recent years, mainly due to the evolution of wireless networking and mobile computing hardware. Nevertheless, many inherent vulnerabilities exist in mobile ad hoc networks and their applications that affect the security of wireless transactions. As intrusion prevention mechanisms, such as encryption and authentication, are not sufficient we need a second line of defense, Intrusion Detection. In this pa-per we present an intrusion detection engine based on neural networks and a protection method based on watermarking techniques. In particular, we exploit information visualization and machine learning techniques in order to achieve intrusion detection and we authenticate the maps produced by the application of the intelligent techniques using a novel combined watermarking embedding method. The performance of the proposed model is evaluated under different traffic conditions, mobility patterns and visualization metrics

Intrusion Detection in Mobile Ad Hoc Networks Using Classification Algorithms

In this paper we present the design and evaluation of intrusion detection models for MANETs using supervised classification algorithms. Specifically, we evaluate the performance of the MultiLayer Perceptron (MLP), the Linear classifier, the Gaussian Mixture Model (GMM), the Naive Bayes classifier and the Support Vector Machine (SVM). The performance of the classification algorithms is evaluated under different traffic conditions and mobility patterns for the Black Hole, Forging, Packet Dropping, and Flooding attacks. The results indicate that Support Vector Machines exhibit high accuracy for almost all simulated attacks and that Packet Dropping is the hardest attack to detect.Comment: 12 pages, 7 figures, presented at MedHocNet 200

Game Theory Approaches in Taxonomy of Intrusion Detection for MANETs

MANETs are self configuring networks that are formed by a set of wireless mobile nodes and have no fixed network infrastructure nor administrative support. Since transmission range of wireless network interfaces is limited, forwarding hosts may be needed. Each node in a wireless ad hoc network functions is as both a host and a router. Due to their communication type and resources constraint, MANETs are vulnerable to diverse types of attacks and intrusions so, security is a critical issue. Network security is usually provided in the three phases: intrusion prevention, intrusion detection and intrusion tolerance phase. However, the network security problem is far from completely solved. Researchers have been exploring the applicability of game theory approaches to address the network security issues. This paper reviews some existing game theory solutions which are designed to enhance network security in the intrusion detection phase. Keywords: Mobile Ad hoc Network (MANET), Intrusion detection system (IDS), Cluster head, host based, Game theory

Two-tier Intrusion Detection System for Mobile Ad Hoc Networks

Nowadays, a commonly used wireless network (i.e. Wi-Fi) operates with the aid of a fixed infrastructure (i.e. an access point) to facilitate communication between nodes when they roam from one location to another. The need for such a fixed supporting infrastructure limits the adaptability of the wireless network, especially in situations where the deployment of such an infrastructure is impractical. In addition, Wi-Fi limits nodes' communication as it only provides facility for mobile nodes to send and receive information, but not reroute the information across the network. Recent advancements in computer network introduced a new wireless network, known as a Mobile Ad Hoc Network (MANET), to overcome these limitations. MANET has a set of unique characteristics that make it different from other kind of wireless networks. Often referred as a peer to peer network, such a network does not have any fixed topology, thus nodes are free to roam anywhere, and could join or leave the network anytime they desire. Its ability to be setup without the need of any infrastructure is very useful, especially in geographically constrained environments such as in a military battlefield or a disaster relief operation. In addition, through its multi hop routing facility, each node could function as a router, thus communication between nodes could be made available without the need of a supporting fixed router or an access point. However, these handy facilities come with big challenges, especially in dealing with the security issues. This research aims to address MANET security issues by proposing a novel intrusion detection system that could be used to complement existing prevention mechanisms that have been proposed to secure such a network. A comprehensive analysis of attacks and the existing security measures proved that there is a need for an Intrusion Detection System (IDS) to protect MANETs against security threats. The analysis also suggested that the existing IDS proposed for MANET are not immune against a colluding blackmail attack due to the nature of such a network that comprises autonomous and anonymous nodes. The IDS architecture as proposed in this study utilises trust relationships between nodes to overcome this nodes' anonymity issue. Through a friendship mechanism, the problems of false accusations and false alarms caused by blackmail attackers in global detection and response mechanisms could be eliminated. The applicability of the friendship concept as well as other proposed mechanisms to solve MANET IDS related issues have been validated through a set of simulation experiments. Several MANET settings, which differ from each other based on the network's density level, the number of initial trusted friends owned by each node, and the duration of the simulation times, have been used to study the effects of such factors towards the overall performance of the proposed IDS framework. The results obtained from the experiments proved that the proposed concepts are capable to at least minimise i f not fully eliminate the problem currently faced in MANET IDS

A Prey-Predator Defence Mechanism For Ad Hoc On-Demand Distance Vector Routing Protocol

This study proposes a nature-based system survivability model. The model was simulated, and its performance was evaluated for the mobile ad hoc wireless networks. The survivability model was used to enable mobile wireless distributed systems to keep on delivering packets during their stated missions in a timely manner in the presence of attacks. A prey-predator communal defence algorithm was developed and fused with the Ad hoc On-demand Distance Vector (AODV) protocol. The mathematical equations for the proposed model were formulated using the Lotka-Volterra theory of ecology. The model deployed a security mechanism for intrusion detection in three vulnerable sections of the AODV protocol. The model simulation was performed using MATLAB for the mathematical model evaluation and using OMNET++ for protocol performance testing. The MATLAB simulation results, which used empirical and field data, have established that the adapted Lotka-Volterra-based equations adequately represent network defense using the communal algorithm. Using the number of active nodes as a measure of throughput after attack (with a maximum throughput of 250 units), the proposed model had a throughput of 230 units while under attack and the intrusion was nullified within 2 seconds. The OMNET++ results for protocol simulation that use throughput, delivery ratio, network delay, and load as performance metrics with the OMNET++ embedded datasets showed good performance of the model, which was better than the existing conventional survivability systems. The comparison of the proposed model with the existing model is also presented. The study concludes that the proposed communal defence model was effective in protecting the entire routing layer (layer 2) of the AODV protocol when exposed to diverse forms of intrusion attacks

A Novel Cooperative Intrusion Detection System for Mobile Ad Hoc Networks

Mobile ad hoc networks (MANETs) have experienced rapid growth in their use for various military, medical, and commercial scenarios. This is due to their dynamic nature that enables the deployment of such networks, in any target environment, without the need for a pre-existing infrastructure. On the other hand, the unique characteristics of MANETs, such as the lack of central networking points, limited wireless range, and constrained resources, have made the quest for securing such networks a challenging task. A large number of studies have focused on intrusion detection systems (IDSs) as a solid line of defense against various attacks targeting the vulnerable nature of MANETs. Since cooperation between nodes is mandatory to detect complex attacks in real time, various solutions have been proposed to provide cooperative IDSs (CIDSs) in efforts to improve detection efficiency. However, all of these solutions suffer from high rates of false alarms, and they violate the constrained-bandwidth nature of MANETs. To overcome these two problems, this research presented a novel CIDS utilizing the concept of social communities and the Dempster-Shafer theory (DST) of evidence. The concept of social communities was intended to establish reliable cooperative detection reporting while consuming minimal bandwidth. On the other hand, DST targeted decreasing false accusations through honoring partial/lack of evidence obtained solely from reliable sources. Experimental evaluation of the proposed CIDS resulted in consistently high detection rates, low false alarms rates, and low bandwidth consumption. The results of this research demonstrated the viability of applying the social communities concept combined with DST in achieving high detection accuracy and minimized bandwidth consumption throughout the detection process

Evaluation of Feature Reduction using Principal Component Analysis and Sequential Pattern Matching for Manet

In Mobile Ad hoc Networks (MANETs) there are some security problems because of portability, element topology changes, and absence of any framework. In MANETs, it is of extraordinary significance to identify inconsistency and malignant conduct. With a specific end goal to recognize malignant assaults by means of interruption identification frameworks and dissect the information set, we have to choose some components. Thus, highlight determination assumes basic part in recognizing different assaults. In the writing, there are a few recommendations to choose such elements. For the most part, Principal Component Analysis (PCA) breaks down the information set and the chose highlights. In this paper, we have gathered a list of capabilities from some cutting edge works in the writing. Really, our reproduction demonstrates this list of capabilities identify inconsistency conduct more precise. Likewise, interestingly, we utilize PCA for investigating the information set. In contrast to PCA, our results show Sequential pattern mining (SPM) cannot be affected by outlier data within the network. The  normal and attack states are simulated and the results are analyzed using NS2 simulator