Investigating Intrusion Detection Systems in MANET and Comparing IDSs for Detecting Misbehaving Nodes
As mobile ad hoc networks (MANET) have different
characteristics from wired networks and even from standard wireless
networks, there are new challenges related to security issues that
need to be addressed. Due to its unique features such as open nature,
lack of infrastructure and central management, node mobility and
change of dynamic topology, prevention methods from attacks on
them are not enough. Therefore intrusion detection is one of the
possible ways in recognizing a possible attack before the system
could be penetrated. All in all, techniques for intrusion detection in
old wireless networks are not suitable for MANET. In this paper, we
classify the architecture for Intrusion detection systems that have so
far been introduced for MANETs, and then existing intrusion
detection techniques in MANET presented and compared. We then
indicate important future research directions.
[1] B. Sun and L. Osborne Young, "Intrusion detection techniques in mobile
ad hoc and wireless sensor networks," IEEE Wireless Communications,
pp. 56-63. October 2007.
[2] L. Zhou, Z.J. Haas, "Securing ad hoc networks", IEEE Network
Magazine Special Issue on Network Security, vol. 13, no. 6, pp. 24-30,
Nov/Dec 1999.
[3] Y. Xiao, X. Shen, and D.Z. Du, Wireless/Mobile Network Security,
Springer, 2006. Ch.7.
[4] P. Brutch and C. Ko, "Challenges in intrusion detection for wireless adhoc
networks," in Proc. 2003 Symposium on Applications and the
Internet Workshop, January 2003, pp. 368-373.
[5] Y. Zhang, W. Lee, and Y. Huang, "Intrusion detection techniques for
mobile wireless networks," Wireless Networks Journal (ACM WINET),
vol. 9, no. 5, pp. 545-556, September 2003.
[6] A. Mishra, K. Nadkarni, and A. Patcha, "Intrusion detection in wireless
ad hoc networks," IEEE Wireless Communications, vol. 11, pp. 48-60,
February 2004.
[7] A. Karygiannis, E. Antonakakis, and A. Apostolopoulos, "Detecting
critical nodes for MANET intrusion detection systems," in Proc. 2nd
International Workshop on Security, Privacy and Trust in Pervasive and
Ubiquitous Computing, 2006.
[8] J. Kong, Adaptive Security for Multi-layer Ad Hoc Networks, Special
Issue of Wireless Communications and Mobile Computing, John Wiley
InterScience Press, 2002.
[9] L. Blazevic, L. Buttyan, S. Capkun, S. Giordano, J. Hubaux, and J. Le
Boudec, "Self-organization in mobile ad-hoc networks: the approach of
terminodes," IEEE Communications Magazine, vol. 39, no. 6, pp. 166-
174, 2001.
[10] Y. Zhang, and W. Lee, "Intrusion detection in wireless ad-hoc
networks," in Proc. 6th Annual International Conference on Mobile
Computing and Networking, Boston, MA, USA, 2000, pp. 275-283.
[11] N. Komninos, D. Vergados, and C. Douligeris, "Detecting unauthorized
and compromised nodes in mobile ad hoc networks," Elsevier Ad hoc
network, vol. 5, no. 3, pp. 289-298, 2007.
[12] P. Kyasanur, and N. Vaidya, "Detection and handling of MAC layer
misbehavior in wireless networks," Int. Conf. on Dependable Systems
and Networks (DSN-03), 2003, pp. 173-182.
[13] Y. Hu, A. Perrig, and D. B. Johnson, "Packet leashes: A defense against
wormhole attacks in wireless networks," in Proc. 22th Annual Joint
Conference of the IEEE Computer and Communications Societies
(INFOCOM-03), Pittsburgh, PA, USA, vol. 3, 2003, pp. 1976-1986.
[14] P. Papadimitratos, Z.J. Haas, and E.G. Sirer, "Path set selection in
mobile ad hoc networks," in Proc. 3rd ACM International Symposium
on Mobile Ad Hoc Networking and Computing, Lausanne, Switzerland,
2002, pp. 1-11.
[15] B. Sun, W. Kui, and U.W. Pooch, "Towards adaptive intrusion detection
in mobile ad hoc networks," in Proc. IEEE Global Telecommunications
Conference (GLOBECOM-04), Beaumont, TX, USA, vol. 6, 2004, pp.
3551-3555.
[16] M. K. Rafsanjani, A. Movaghar, "Identifying monitoring nodes in
MANET by detecting unauthorized and malicious nodes," in Proc. 3rd
IEEE Int. Symposium on Information Technology (ITSIM-08), August
2008, pp. 2798-2804.
[17] S. Marti, T.J. Giuli, K. Lai, and M. Baker. "Mitigating routing
misbehavior in mobile ad hoc networks," in Proc. 6th Annual Int. Conf.
on Mobile Computing and Networking (MobiCom'00), Boston, MA,
August 2000, pp.255-265.
[18] S. Buchegger and J. Le Boudec, "Performance analysis of the
CONFIDANT protocol: (Cooperation of nodes - fairness in dynamic adhoc
networks)," in Proc. IEEE / ACM Workshop on Mobile Ad Hoc
Networking and Computing (MobiHoc'02), Lausanne, Switzerland, June
2002, pp.226-336.
[19] P. Michiardi and R. Molva, "Core: a collaborative reputation mechanism
to enforce node cooperation in mobile ad hoc networks,"
Communication and Multimedia Security Conference (CMS'02),
September 2002.
[20] S. Bansal and M. Baker, "Observation-based cooperation enforcement in
ad hoc networks," Research Report cs.NI/0307012, Stanford University,
2003.
[21] Y. Huang and W. Lee, "A cooperative intrusion detection system for ad
hoc networks," in Proc. ACM Workshop on Security in Ad Hoc and
Sensor Networks (SASN'03), October 2003, pp. 135-147.
[22] O. Kachirski and R. Guha, "Effective intrusion detection using multi-ple
sensors in wireless ad hoc networks," in Proc. 36th Annual Hawaii Int.
Conf. on System Sciences (HICSS'03), January 2003, p. 57.1.
[23] Y. Huang, W. Fan, W. Lee, and P. Yu, "Cross-feature analysis for
detecting ad-hoc routing anomalies," in Proc. 23rd IEEE Int. Conf. on
Distributed Computing Systems (ICDCS'03), May 2003, pp. 478-487.
[24] N. Nasser and Y. Chen, "Enhanced intrusion detection system for
discovering malicious nodes in mobile ad hoc network," in Proc. IEEE
Int. Conf. on Communication (ICC-07), June 2007, pp. 1154-1159.
[25] A. Hasswa, M. Zulker, and H. Hassanein, "Routeguard: an intrusion
detection and response system for mobile ad hoc networks," Wireless
and Mobile Computing, Networking and Communication, vol. 3, August
2005, P336-343.
[26] M. K. Rafsanjani, A. Movaghar, "Identifying monitoring nodes with
selection of Authorized nodes in mobile ad hoc networks," World
Applied Sciences Journal, vol. 4, no.3, pp. 444-449, 2008.
[1] B. Sun and L. Osborne Young, "Intrusion detection techniques in mobile
ad hoc and wireless sensor networks," IEEE Wireless Communications,
pp. 56-63. October 2007.
[2] L. Zhou, Z.J. Haas, "Securing ad hoc networks", IEEE Network
Magazine Special Issue on Network Security, vol. 13, no. 6, pp. 24-30,
Nov/Dec 1999.
[3] Y. Xiao, X. Shen, and D.Z. Du, Wireless/Mobile Network Security,
Springer, 2006. Ch.7.
[4] P. Brutch and C. Ko, "Challenges in intrusion detection for wireless adhoc
networks," in Proc. 2003 Symposium on Applications and the
Internet Workshop, January 2003, pp. 368-373.
[5] Y. Zhang, W. Lee, and Y. Huang, "Intrusion detection techniques for
mobile wireless networks," Wireless Networks Journal (ACM WINET),
vol. 9, no. 5, pp. 545-556, September 2003.
[6] A. Mishra, K. Nadkarni, and A. Patcha, "Intrusion detection in wireless
ad hoc networks," IEEE Wireless Communications, vol. 11, pp. 48-60,
February 2004.
[7] A. Karygiannis, E. Antonakakis, and A. Apostolopoulos, "Detecting
critical nodes for MANET intrusion detection systems," in Proc. 2nd
International Workshop on Security, Privacy and Trust in Pervasive and
Ubiquitous Computing, 2006.
[8] J. Kong, Adaptive Security for Multi-layer Ad Hoc Networks, Special
Issue of Wireless Communications and Mobile Computing, John Wiley
InterScience Press, 2002.
[9] L. Blazevic, L. Buttyan, S. Capkun, S. Giordano, J. Hubaux, and J. Le
Boudec, "Self-organization in mobile ad-hoc networks: the approach of
terminodes," IEEE Communications Magazine, vol. 39, no. 6, pp. 166-
174, 2001.
[10] Y. Zhang, and W. Lee, "Intrusion detection in wireless ad-hoc
networks," in Proc. 6th Annual International Conference on Mobile
Computing and Networking, Boston, MA, USA, 2000, pp. 275-283.
[11] N. Komninos, D. Vergados, and C. Douligeris, "Detecting unauthorized
and compromised nodes in mobile ad hoc networks," Elsevier Ad hoc
network, vol. 5, no. 3, pp. 289-298, 2007.
[12] P. Kyasanur, and N. Vaidya, "Detection and handling of MAC layer
misbehavior in wireless networks," Int. Conf. on Dependable Systems
and Networks (DSN-03), 2003, pp. 173-182.
[13] Y. Hu, A. Perrig, and D. B. Johnson, "Packet leashes: A defense against
wormhole attacks in wireless networks," in Proc. 22th Annual Joint
Conference of the IEEE Computer and Communications Societies
(INFOCOM-03), Pittsburgh, PA, USA, vol. 3, 2003, pp. 1976-1986.
[14] P. Papadimitratos, Z.J. Haas, and E.G. Sirer, "Path set selection in
mobile ad hoc networks," in Proc. 3rd ACM International Symposium
on Mobile Ad Hoc Networking and Computing, Lausanne, Switzerland,
2002, pp. 1-11.
[15] B. Sun, W. Kui, and U.W. Pooch, "Towards adaptive intrusion detection
in mobile ad hoc networks," in Proc. IEEE Global Telecommunications
Conference (GLOBECOM-04), Beaumont, TX, USA, vol. 6, 2004, pp.
3551-3555.
[16] M. K. Rafsanjani, A. Movaghar, "Identifying monitoring nodes in
MANET by detecting unauthorized and malicious nodes," in Proc. 3rd
IEEE Int. Symposium on Information Technology (ITSIM-08), August
2008, pp. 2798-2804.
[17] S. Marti, T.J. Giuli, K. Lai, and M. Baker. "Mitigating routing
misbehavior in mobile ad hoc networks," in Proc. 6th Annual Int. Conf.
on Mobile Computing and Networking (MobiCom'00), Boston, MA,
August 2000, pp.255-265.
[18] S. Buchegger and J. Le Boudec, "Performance analysis of the
CONFIDANT protocol: (Cooperation of nodes - fairness in dynamic adhoc
networks)," in Proc. IEEE / ACM Workshop on Mobile Ad Hoc
Networking and Computing (MobiHoc'02), Lausanne, Switzerland, June
2002, pp.226-336.
[19] P. Michiardi and R. Molva, "Core: a collaborative reputation mechanism
to enforce node cooperation in mobile ad hoc networks,"
Communication and Multimedia Security Conference (CMS'02),
September 2002.
[20] S. Bansal and M. Baker, "Observation-based cooperation enforcement in
ad hoc networks," Research Report cs.NI/0307012, Stanford University,
2003.
[21] Y. Huang and W. Lee, "A cooperative intrusion detection system for ad
hoc networks," in Proc. ACM Workshop on Security in Ad Hoc and
Sensor Networks (SASN'03), October 2003, pp. 135-147.
[22] O. Kachirski and R. Guha, "Effective intrusion detection using multi-ple
sensors in wireless ad hoc networks," in Proc. 36th Annual Hawaii Int.
Conf. on System Sciences (HICSS'03), January 2003, p. 57.1.
[23] Y. Huang, W. Fan, W. Lee, and P. Yu, "Cross-feature analysis for
detecting ad-hoc routing anomalies," in Proc. 23rd IEEE Int. Conf. on
Distributed Computing Systems (ICDCS'03), May 2003, pp. 478-487.
[24] N. Nasser and Y. Chen, "Enhanced intrusion detection system for
discovering malicious nodes in mobile ad hoc network," in Proc. IEEE
Int. Conf. on Communication (ICC-07), June 2007, pp. 1154-1159.
[25] A. Hasswa, M. Zulker, and H. Hassanein, "Routeguard: an intrusion
detection and response system for mobile ad hoc networks," Wireless
and Mobile Computing, Networking and Communication, vol. 3, August
2005, P336-343.
[26] M. K. Rafsanjani, A. Movaghar, "Identifying monitoring nodes with
selection of Authorized nodes in mobile ad hoc networks," World
Applied Sciences Journal, vol. 4, no.3, pp. 444-449, 2008.
@article{"International Journal of Electrical, Electronic and Communication Sciences:55567", author = "Marjan Kuchaki Rafsanjani and Ali Movaghar and Faroukh Koroupi", title = "Investigating Intrusion Detection Systems in MANET and Comparing IDSs for Detecting Misbehaving Nodes", abstract = "As mobile ad hoc networks (MANET) have different
characteristics from wired networks and even from standard wireless
networks, there are new challenges related to security issues that
need to be addressed. Due to its unique features such as open nature,
lack of infrastructure and central management, node mobility and
change of dynamic topology, prevention methods from attacks on
them are not enough. Therefore intrusion detection is one of the
possible ways in recognizing a possible attack before the system
could be penetrated. All in all, techniques for intrusion detection in
old wireless networks are not suitable for MANET. In this paper, we
classify the architecture for Intrusion detection systems that have so
far been introduced for MANETs, and then existing intrusion
detection techniques in MANET presented and compared. We then
indicate important future research directions.", keywords = "Intrusion Detection System(IDS), Misbehavingnodes, Mobile Ad Hoc Network(MANET), Security.", volume = "2", number = "8", pages = "1638-5", }
