Hierarchical Design Based Intrusion Detection System For Wireless Ad hoc Network

In recent years, wireless ad hoc sensor network becomes popular both in civil and military jobs. However, security is one of the significant challenges for sensor network because of their deployment in open and unprotected environment. As cryptographic mechanism is not enough to protect sensor network from external attacks, intrusion detection system needs to be introduced. Though intrusion prevention mechanism is one of the major and efficient methods against attacks, but there might be some attacks for which prevention method is not known. Besides preventing the system from some known attacks, intrusion detection system gather necessary information related to attack technique and help in the development of intrusion prevention system. In addition to reviewing the present attacks available in wireless sensor network this paper examines the current efforts to intrusion detection system against wireless sensor network. In this paper we propose a hierarchical architectural design based intrusion detection system that fits the current demands and restrictions of wireless ad hoc sensor network. In this proposed intrusion detection system architecture we followed clustering mechanism to build a four level hierarchical network which enhances network scalability to large geographical area and use both anomaly and misuse detection techniques for intrusion detection. We introduce policy based detection mechanism as well as intrusion response together with GSM cell concept for intrusion detection architecture.Comment: 16 pages, International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010. arXiv admin note: text overlap with arXiv:1111.1933 by other author

A Survey on Intrusion Detection System in MANET

A mobile ad hoc network is an infrastructure less network which is prone to various malicious attacks when incorporated in applications. It is a dreadful task for attaining security to the greatest degree in MANET. This is awaited to the diverse characteristics of mobile ad hoc networks which unlike from well-established infrastructure network. In order to overcome this security challenges the Intrusion detection systems have been deployed in the ad hoc network. In this paper we focus on surveying heterogeneous intrusion detection systems used in MANET for defending various attacks

Intelligent black hole detection in mobile AdHoc networks

Security is a critical and challenging issue in MANET due to its open-nature characteristics such as: mobility, wireless communications, self-organizing and dynamic topology. MANETs are commonly the target of black hole attacks. These are launched by malicious nodes that join the network to sabotage and drain it of its resources. Black hole nodes intercept exchanged data packets and simply drop them. The black hole node uses vulnerabilities in the routing protocol of MANETS to declare itself as the closest relay node to any destination. This work proposed two detection protocols based on the collected dataset, namely: the BDD-AODV and Hybrid protocols. Both protocols were built on top of the original AODV. The BDD-AODV protocol depends on the features collected for the prevention and detection of black hole attack techniques. On the other hand, the Hybrid protocol is a combination of both the MI-AODV and the proposed BDD-AODV protocols. Extensive simulation experiments were conducted to evaluate the performance of the proposed algorithms. Simulation results show that the proposed protocols improved the detection and prevention of black hole nodes, and hence, the network achieved a higher packet delivery ratio, lower dropped packets ratio, and lower overhead. However, this improvement led to a slight increase in the end-to-end delay

Intrusion-aware Alert Validation Algorithm for Cooperative Distributed Intrusion Detection Schemes of Wireless Sensor Networks

Existing anomaly and intrusion detection schemes of wireless sensor networks have mainly focused on the detection of intrusions. Once the intrusion is detected, an alerts or claims will be generated. However, any unidentified malicious nodes in the network could send faulty anomaly and intrusion claims about the legitimate nodes to the other nodes. Verifying the validity of such claims is a critical and challenging issue that is not considered in the existing cooperative-based distributed anomaly and intrusion detection schemes of wireless sensor networks. In this paper, we propose a validation algorithm that addresses this problem. This algorithm utilizes the concept of intrusion-aware reliability that helps to provide adequate reliability at a modest communication cost. In this paper, we also provide a security resiliency analysis of the proposed intrusion-aware alert validation algorithm.Comment: 19 pages, 7 figure

A COMPREHENSIVE SURVEY ON DETECTING BLACK HOLE ATTACK IN MOBILE AD-HOC NETWORK (MANET)

The infrastructure-less nature and mobility of nodes in mobile ad-hoc network (MANET) make it to be very susceptible to various attacks. Besides, owing to its flexibility and simplicity, there is no predefined time or permission set for nodes to leave or join the network and each node can act as a client or server.  Nevertheless, securing communication between nodes has become a challenging problem than in other types of network. Attacks in MANET range into different categories. Black hole attack is one of the attacks that has been addressed by many researchers in the recent years. It does occur when a harmful mobile node called black hole becomes a part of the network and tries to use its malicious behaviors by sending fake route reply packets (RREP) for any received route request packets (RREQ). When these faked packets arrive to the source node, it does reply to them by sending data packet via the established route. Once the packets are received by the black hole, it drops them before reaching the destination.  Hence, preventing the source node from reaching the intended destination. In this paper, we present an overview of a wide range of techniques suggested in the literature for detecting and preventing black hole attacks in mobile ad hoc network. Additionally, the effect of each approach on the network performance is also presented