A cross-layer based intrusion detection approach for wireless ad hoc networks

Thamilarasu, Geethapriya; Balasubramanian, A.; Mishra, Salonee; Sridhar, R.

doi:10.1109/mahss.2005.1542882

Cited by 48 publications

(26 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Also the fact that nodes fail to respond, e.g. through network congestion, link failure, or topology changes, can be confused with intrusions [15], producing high false positive rates.…”

Section: Related Workmentioning

confidence: 99%

Anomaly Detection and Mitigation for Disaster Area Networks

Cucurull

Asplund

Nadjm‐Tehrani

2010

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. One of the most challenging applications of wireless networking are in disaster area networks where lack of infrastructure, limited energy resources, need for common operational picture and thereby reliable dissemination are prevalent. In this paper we address anomaly detection in intermittently connected mobile ad hoc networks in which there is little or no knowledge about the actors on the scene, and opportunistic contacts together with a store-and-forward mechanism are used to overcome temporary partitions. The approach uses a statistical method for detecting anomalies when running a manycast protocol for dissemination of important messages to k receivers. Simulation of the random walk gossip (RWG) protocol combined with detection and mitigation mechanisms is used to illustrate that resilience can be built into a network in a fully distributed and attack-agnostic manner, at a modest cost in terms of drop in delivery ratio and additional transmissions. The approach is evaluated with attacks by adversaries that behave in a similar manner to fair nodes when invoking protocol actions.

show abstract

“…Also the fact that nodes fail to respond, e.g. through network congestion, link failure, or topology changes, can be confused with intrusions [15], producing high false positive rates.…”

Section: Related Workmentioning

confidence: 99%

Anomaly Detection and Mitigation for Disaster Area Networks

Cucurull

Asplund

Nadjm‐Tehrani

2010

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…A novel Cross-layer based Intrusion Detection System (CIDS) is presented in (Thamilarasu et al, 2005) to recognize the malevolent node(s).…”

Section: Literature Reviewmentioning

confidence: 99%

Detecting Multiple Intrusion Attacks Using Permanent Girth Clustering Model in Wireless Sensor Network

Jayamurugan¹

2014

Journal of Computer Science

View full text Add to dashboard Cite

Security is the central challenge and one of the serious concerns for designing reliable sensor networks. Of the different types of security threats in wireless sensor network, particularly dangerous attack is the replica node attack, in which the opponent takes the secret keying materials from a compromised node. It then produces large number of attacker-controlled replicas that divide up the cooperation node's keying materials and ID. In this study we are specifically interested in investigating the extremely difficult problem concerning multiple attacks being routed in parallel with a given utility field and see if significant hypothetical solutions could be drawn. A clustering model for discovering multiple intrusions in WSN is identified. Permanent-girth Clustering (PC) model used to detect abnormal traffic patterns and then uses PC model to built the normal traffic behavior. In this study we develop mechanisms so that the PC model is capable to distinguish attacks. Furthermore, the detection scheme is based on position of traffic features that potentially are practical to an extensive variety of routing attacks. In order to approximate intrusion detection scheme, extensive sensor network simulator producing routing attacks in wireless sensor networks is designed. PC model for intrusion detection is capable to attain high detection accuracy with a low false positive rate for a multiplicity of replicated routing attacks. NS2 simulator is used to perform the experimental work of PC model on wireless sensor network. The experimental evaluation of PC model is measured in terms of average delay measurement, energy consumption and low false positive rate.

show abstract

“…By looking at indicators in the MAC such as collision rate or the number of retransmissions requests, a node may be able to tell if there are degradations of the radio medium, whether they are environmental or caused by an attacker. In all of [4,9,22,26], there is a part of the intrusion detection being done based on the collision rate. This mechanism is close to the definition of specification-based IDS, which detects whether a node respects the protocol they should run.…”

Section: Inputs From the Medium Access Control (Mac) Protocolmentioning

confidence: 99%

“…By designing an IDS more specific to the routing protocol, it becomes possible to detect deviations from the routing protocol, using an analysis that can span from simple rules or features to a complete specification-based monitoring. Both [9] and [26] propose some IDS which uses promiscuous listening. The IDS in [27,29] monitor the routing process of neighboring nodes using finite state machines, respectively built for AODV 1 and OLSR 2 .…”

Section: Data Based On the Routing Layer And Trafficmentioning

confidence: 99%

Discovering Flaws in IDS Through Analysis of Their Inputs

Jamet

Lafourcade

2014

Foundations and Practice of Security

View full text Add to dashboard Cite

Abstract. To secure Wireless Ad-hoc Networks (WANET) against malicious behaviors, three components are needed: prevention, detection, and response. In this paper, we focus on Intrusion Detection Systems (IDS) for WANET. We classify the different inputs used by the decision process of these IDS, according to their level of cooperation, and the source of their data. We then propose a decision aid which allows automated discovery of attacks for IDS, according to the inputs used. Finally we apply our framework to discover weaknesses in two existing IDS.

show abstract

A cross-layer based intrusion detection approach for wireless ad hoc networks

Cited by 48 publications

References 9 publications

Anomaly Detection and Mitigation for Disaster Area Networks

Anomaly Detection and Mitigation for Disaster Area Networks

Detecting Multiple Intrusion Attacks Using Permanent Girth Clustering Model in Wireless Sensor Network

Discovering Flaws in IDS Through Analysis of Their Inputs

Contact Info

Product

Resources

About