Results 1 - 10
of
19
A Comparative Evaluation of Intrusion Detection Architectures for Mobile Ad Hoc
"... Mobile Ad Hoc Networks (MANETs) are susceptible to a variety of attacks that threaten their operation and the provided services. Intrusion Detection Systems (IDSs) may act as defensive mechanisms, since they monitor network activities in order to detect malicious actions performed by intruders, and ..."
Abstract
-
Cited by 11 (3 self)
- Add to MetaCart
(Show Context)
Mobile Ad Hoc Networks (MANETs) are susceptible to a variety of attacks that threaten their operation and the provided services. Intrusion Detection Systems (IDSs) may act as defensive mechanisms, since they monitor network activities in order to detect malicious actions performed by intruders, and then initiate the appropriate countermeasures. IDS for MANETs have attracted much attention recently and thus, there are many publications that propose new IDS solutions or improvements to the existing. This paper evaluates and compares the most prominent IDS architectures for MANETs. IDS architectures are defined as the operational structures of IDSs. For each IDS, the architecture and the related functionality are briefly presented and analyzed focusing on both the operational strengths and weaknesses. Moreover, methods/techniques that have been proposed to improve the performance and the provided security services of those are evaluated and their shortcomings or weaknesses are presented. A comparison of the studied IDS architectures is carried out using a set of critical evaluation metrics, which derive from: (i) the deployment, architectural, and operational characteristics of MANETs; (ii) the special requirements of intrusion detection in MANETs; and (iii) the carried analysis that reveals the most important strengths and weaknesses of the existing IDS architectures. The evaluation metrics of the IDSs are divided into two groups: the first one is related to performance and the second to security. Finally, based on the carried evaluation and comparison a set of design features and principles are presented, which have to be addressed and satisfied in future research of designing and implementing IDSs for MANETs.
Using Bayesian Game Model for Intrusion Detection in Wireless Ad Hoc Networks Abstract
, 2010
"... Wireless ad hoc network is becoming a new research fronter, in which security is an important issue. Usually some nodes act maliciously and they are able to do different kinds of Denial of Service (Dos). Because of the limited resource, intrusion detection system (IDS) runs all the time to detect in ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
(Show Context)
Wireless ad hoc network is becoming a new research fronter, in which security is an important issue. Usually some nodes act maliciously and they are able to do different kinds of Denial of Service (Dos). Because of the limited resource, intrusion detection system (IDS) runs all the time to detect intrusion of the attacker which is a costly overhead. We use game theory to model the interactions between the intrusion detection system and the attacker, and a realistic model is given by using Bayesian game. We solve the game by finding the Bayesian Nash equilibrium. The results of our analysis show that the IDS could work intermittently without compromising its effectiveness. At the end of this paper, we provide an experiment to verify the rationality and effectiveness of the proposed model.
A Secure Mechanism Design-Based and Game Theoretical Model for MANETs
"... Abstract—To avoid the single point of failure for the certificate authority (CA) in MANET, a decentralized solution is proposed where nodes are grouped into different clusters. Each cluster should contain at least two confident nodes. One is known as CA and the another as register authority RA. The ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
(Show Context)
Abstract—To avoid the single point of failure for the certificate authority (CA) in MANET, a decentralized solution is proposed where nodes are grouped into different clusters. Each cluster should contain at least two confident nodes. One is known as CA and the another as register authority RA. The Dynamic Demilitarized Zone (DDMZ) is proposed as a solution for protecting the CA node against potential attacks. It is formed from one or more RA node. The problems of such a model are: (1) Clusters with one confident node, CA, cannot be created and thus clusters’ sizes are increased which negatively affect clusters ’ services and stability. (2) Clusters with high density of RA can cause channel collision at the CA. (3) Clusters ’ lifetime are reduced since RA monitors are always launched (i.e., resource consumption). In this paper, we propose a model based on mechanism design that will allow clusters with single trusted node (CA) to be created. Our mechanism will motivate nodes that do not belong to the confident community to participate by giving them incentives in the form of trust, which can be used for cluster’s services. To achieve this goal, a RA selection algorithm is proposed that selects nodes based on a predefined selection criteria function and location (i.e., using directional antenna). Such a model is known as moderate. Based on the security risk, more RA nodes must be added to formalize a robust DDMZ. Here, we consider the tradeoff between security and resource consumption by formulating the problem as a nonzero-sum noncooperative game between the CA and attacker. Finally, empirical results are provided to support our solutions. Index Terms—MANET security, mechanism design, certificate authority and clustering.
Energy-based adaptation in simulations of survivability of ad hoc communication
"... Abstract—Mobile wireless handheld devices can support ad hoc communication when infrastructure systems are overloaded or not available. Unfortunately, the constrained capacity of their batteries and the energy inefficiency inherent to the ad hoc communication poses a challenge causing a short lifeti ..."
Abstract
-
Cited by 1 (1 self)
- Add to MetaCart
(Show Context)
Abstract—Mobile wireless handheld devices can support ad hoc communication when infrastructure systems are overloaded or not available. Unfortunately, the constrained capacity of their batteries and the energy inefficiency inherent to the ad hoc communication poses a challenge causing a short lifetime. Protocols and application layer services, such as security, can be designed (offline) to do an efficient use of the resources. Realtime adaptation can further minimise their impact on the energy consumption, increasing the network lifetime thus extending the availability of network communication. In this paper, we propose an energy-aware adaption component for an Intrusion Detection System (IDS) in mobile ad hoc networks (MANET). The component is in charge of adjusting the parameters of the IDS based on the current energy level, using the trade-off between the node’s response to attacks and the energy consumption induced by the IDS. The approach is based on a model for accounting CPU energy consumption in network simulation, which has been implemented in an existing IDS in ns-3. Simulations demonstrate that the adaption has a positive impact on the battery life time, increasing it by 14%, without deteriorating the network-wide performance of the IDS. Index Terms—Adaptation, energy-awareness, CPU model, energy modelling, survivability, intrusion detection.
Author manuscript, published in "IEEE WiMob'2008, Avignon: France (2008)" DOI: 10.1109/WiMob.2008.77 A Mechanism Design-Based Secure Architecture
, 2012
"... Abstract—To avoid the single point of failure for the certificate authority (CA) in MANET, a decentralized solution is proposed where nodes are grouped into different clusters. Each cluster should contain at least two confident nodes. One is known as CA and the another as register authority RA. The ..."
Abstract
- Add to MetaCart
(Show Context)
Abstract—To avoid the single point of failure for the certificate authority (CA) in MANET, a decentralized solution is proposed where nodes are grouped into different clusters. Each cluster should contain at least two confident nodes. One is known as CA and the another as register authority RA. The Dynamic Demilitarized Zone (DDMZ) is proposed as a solution for protecting the CA node against potential attacks. It is formed from one or more RA node. The problems of such a model are: (1) Clusters with one confident node, CA, cannot be created and thus clusters ’ sizes are increased which negatively affect clusters ’ services and stability. (2) Clusters with high density of RA can cause channel collision at the CA. (3) Clusters’ lifetime are reduced since RA monitors are always launched (i.e., resource consumption). In this paper, we propose a model based on mechanism design that will allow clusters with single trusted node (CA) to be created. Our mechanism will motivate nodes that do not belong to the confident community to participate by giving them incentives in the form of trust, which can be used for cluster’s services. To achieve this goal, a RA selection algorithm is proposed that selects nodes based on a predefined selection criteria function and location (i.e., using directional antenna). Finally, empirical results are provided to support our solutions. Index Terms—MANET security, mechanism design, certificate authority and clustering.
Secure Cluster Head Election for Intrusion Detection in MANET
"... Abstract- In this paper, Leader election is studied in the presence of selfish node for intrusion detection in Mobile Ad Hoc Networks (MANETs).To balance the resource consumption among all the nodes, the most cost-efficient leaders with the most remaining energy must be elected as leader.But, the se ..."
Abstract
- Add to MetaCart
Abstract- In this paper, Leader election is studied in the presence of selfish node for intrusion detection in Mobile Ad Hoc Networks (MANETs).To balance the resource consumption among all the nodes, the most cost-efficient leaders with the most remaining energy must be elected as leader.But, the selfish nodes may behave selfishly by lying about their energy level and avoid them being elected. To address the issue of selfishnode anauction based routingmechanism is proposed. This mechanism can encourage selfish node to behave honestly before and after election by providing incentives in the form of credits by credit based techniques. Auction mechanism can always elect the most energy remaining nodes as cluster head. Simulation result shows that auction mechanism can effectively prolong the overall lifetime in MANET. Keywords:Leader election, intrusion detection systems, auction mechanism, selfish node, credit based technique and MANET security. I.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. IEEE TRANSACTIONS ON DEPEDABLE AND SECURE COMPUTING 1 Mechanism Design-Based Secure Leader Elec
"... Abstract—In this paper, we study leader election in the presence of selfish nodes for intrusion detection in mobile ad hoc networks (MANETs). To balance the resource consumption among all nodes and prolong the lifetime of a MANET, nodes with the most remaining resources should be elected as the lead ..."
Abstract
- Add to MetaCart
(Show Context)
Abstract—In this paper, we study leader election in the presence of selfish nodes for intrusion detection in mobile ad hoc networks (MANETs). To balance the resource consumption among all nodes and prolong the lifetime of a MANET, nodes with the most remaining resources should be elected as the leaders. However, there are two main obstacles in achieving this goal. First, without incentives for serving others, a node might behave selfishly by lying about its remaining resources and avoiding being elected. Second, electing an optimal collection of leaders to minimize the overall resource consumption may incur a prohibitive performance overhead, if such an election requires flooding the network. To address the issue of selfish nodes, we present a solution based on mechanism design theory. More specifically, the solution provides nodes with incentives in the form of reputations to encourage nodes in honestly participating in the election process. The amount of incentives is based on the Vickrey, Clarke, and Groves (VCG) model to ensure truth-telling to be the dominant strategy for any node. To address the optimal election issue, we propose a series of local election algorithms that can lead to globally optimal election results with a low cost. We address these issues in two possible application settings, namely, Cluster Dependent Leader Election (CDLE) and Cluster Independent Leader Election (CILE). The former assumes given clusters of nodes, whereas the latter does not require any preclustering. Finally, we justify the effectiveness of the proposed schemes through extensive experiments. Index Terms—Leader election, intrusion detection systems, mechanism design and MANET security. I.
Resource Constrained Leader Election Scheme for Intrusion Detection in Mobile Ad-Hoc Networks
"... Abstract- Mobile Ad-hoc Network is a peer-to-peer wireless network that transmits data from computer to computer without the use of a central base station or access point. Intrusion detection techniques are used for the network attack detection process. The system is designed to handle leader electi ..."
Abstract
- Add to MetaCart
Abstract- Mobile Ad-hoc Network is a peer-to-peer wireless network that transmits data from computer to computer without the use of a central base station or access point. Intrusion detection techniques are used for the network attack detection process. The system is designed to handle leader election scheme for intrusion detection process. In this paper, we use leader election algorithm to find the globally optimal cost-efficient leader and it is devised to handle the election process for possibility of cheating and security flaws, such as replay attacks. The clustering scheme is optimized with coverage and traffic level. Cost and resource utilization is controlled under the clusters. The system development and analysis are carried out under the JiST (Java in Simulation Time) simulation environment.
Decentralised Soft-Security in Distributed Systems
"... e-theses repository This unpublished thesis/dissertation is copyright of the author and/or third parties. The intellectual property rights of the author or third parties in respect of this work are as defined by The Copyright Designs and Patents Act 1988 or as modified by any successor legislation. ..."
Abstract
- Add to MetaCart
e-theses repository This unpublished thesis/dissertation is copyright of the author and/or third parties. The intellectual property rights of the author or third parties in respect of this work are as defined by The Copyright Designs and Patents Act 1988 or as modified by any successor legislation. Any use made of information contained in this thesis/dissertation must be in accordance with that legislation and must be properly acknowledged. Further distribution or reproduction in any format is prohibited without the permission Existing approaches to intrusion detection in imperfect wireless environments employ local monitoring, but are limited by their failure to reason about the imprecise monitoring within a radio environment that arises from unidirectional links and collisions. This compounds the challenge of detecting subtle behaviour or adds to uncertainty in the detection strategies employed. A simulation platform was developed, based on the Jist/SWANS environment, adopting
