283 research outputs found

    Real valued negative selection for anomaly detection in wireless ad hoc networks

    Get PDF
    Wireless ad hoc network is one of the network technologies that have gained lots of attention from computer scientists for the future telecommunication applications. However it has inherits the major vulnerabilities from its ancestor (i.e., the fixed wired networks) but cannot inherit all the conventional intrusion detection capabilities due to its features and characteristics. Wireless ad hoc network has the potential to become the de facto standard for future wireless networking because of its open medium and dynamic features. Non-infrastructure network such as wireless ad hoc networks are expected to become an important part of 4G architecture in the future. In this paper, we study the use of an Artificial Immune System (AIS) as anomaly detector in a wireless ad hoc network. The main goal of our research is to build a system that can learn and detect new and unknown attacks. To achieve our goal, we studied how the real-valued negative selection algorithm can be applied in wireless ad hoc network network and finally we proposed the enhancements to real-valued negative selection algorithm for anomaly detection in wireless ad hoc network

    An Artificial Immune System for Misbehavior Detection in Mobile Ad-Hoc Networks with Virtual Thymus, Clustering, Danger Signal and Memory Detectors

    Get PDF
    In mobile ad-hoc networks, nodes act both as terminals and information relays, and participate in a common routing protocol, such as Dynamic Source Routing (DSR). The network is vulnerable to routing misbehavior, due to faulty or malicious nodes. Misbehavior detection systems aim at removing this vulnerability. For this purpose, we use an Artificial Immune System (AIS), a system inspired by the human immune system (HIS). Our goal is to build a system that, like its natural counterpart, automatically learns and detects new misbehavior. In this paper we build on our previous work and investigate the use of four concepts: (1

    AIS for Misbehavior Detection in Wireless Sensor Networks: Performance and Design Principles

    Full text link
    A sensor network is a collection of wireless devices that are able to monitor physical or environmental conditions. These devices (nodes) are expected to operate autonomously, be battery powered and have very limited computational capabilities. This makes the task of protecting a sensor network against misbehavior or possible malfunction a challenging problem. In this document we discuss performance of Artificial immune systems (AIS) when used as the mechanism for detecting misbehavior. We show that (i) mechanism of the AIS have to be carefully applied in order to avoid security weaknesses, (ii) the choice of genes and their interaction have a profound influence on the performance of the AIS, (iii) randomly created detectors do not comply with limitations imposed by communications protocols and (iv) the data traffic pattern seems not to impact significantly the overall performance. We identified a specific MAC layer based gene that showed to be especially useful for detection; genes measure a network's performance from a node's viewpoint. Furthermore, we identified an interesting complementarity property of genes; this property exploits the local nature of sensor networks and moves the burden of excessive communication from normally behaving nodes to misbehaving nodes. These results have a direct impact on the design of AIS for sensor networks and on engineering of sensor networks.Comment: 16 pages, 20 figures, a full version of our IEEE CEC 2007 pape

    Analysis of a Reputation System for Mobile Ad-Hoc Networks with Liars

    Get PDF
    The application of decentralized reputation systems is a promising approach to ensure cooperation and fairness, as well as to address random failures and malicious attacks in Mobile Ad-Hoc Networks. However, they are potentially vulnerable to liars. With our work, we provide a first step to analyzing robustness of a reputation system based on a deviation test. Using a mean-field approach to our stochastic process model, we show that liars have no impact unless their number exceeds a certain threshold (phase transition). We give precise formulae for the critical values and thus provide guidelines for an optimal choice of parameters.Comment: 17 pages, 6 figure

    Challenges of Misbehavior Detection in Industrial Wireless Networks

    Get PDF
    In recent years, wireless technologies are increasingly adopted in many application domains that were either unconnected before or exclusively used cable networks. This paradigm shift towards - often ad-hoc - wireless communication has led to significant benefits in terms of flexibility and mobility. Alongside with these benefits, however, arise new attack vectors, which cannot be mitigated by traditional security measures. Hence, mechanisms that are orthogonal to cryptographic security techniques are necessary in order to detect adversaries. In traditional networks, such mechanisms are subsumed under the term "intrusion detection system" and many proposals have been implemented for different application domains. More recently, the term "misbehavior detection" has been coined to encompass detection mechanisms especially for attacks in wireless networks. In this paper, we use industrial wireless networks as an exemplary application domain to discuss new directions and future challenges in detecting insider attacks. To that end, we review existing work on intrusion detection in mobile ad-hoc networks. We focus on physical-layer-based detection mechanisms as these are a particularly interesting research direction that had not been reasonable before widespread use of wireless technology.Peer Reviewe

    An Artificial Immune System Approach with Secondary Response for Misbehavior Detection in Mobile Ad-Hoc Networks

    Get PDF
    In mobile ad hoc networks, nodes act both as terminals and information relays, and they participate in a common routing protocol, such as dynamic source routing (DSR). The network is vulnerable to routing misbehavior, due to faulty or malicious nodes. Misbehavior detection systems aim at removing this vulnerability. In this paper, we investigate the use of an artificial immune system (AIS) to detect node misbehavior in a mobile ad hoc network using DSR. The system is inspired by the natural immune system (IS) of vertebrates. Our goal is to build a system that, like its natural counterpart, automatically learns, and detects new misbehavior. We describe our solution for the classification task of the AIS; it employs negative selection and clonal selection, the algorithms for learning and adaptation used by the natural IS. We define how we map the natural IS concepts such as self, antigen, and antibody to a mobile ad hoc network and give the resulting algorithm for classifying nodes as misbehaving. We implemented the system in the network simulator Glomosim; we present detection results and discuss how the system parameters affect the performance of primary and secondary response. Further steps will extend the design by using an analogy to the innate system, danger signal, and memory cells
    • …
    corecore