Simulation and performance analysis of distributed cooperative trust based intrusion detection frameworks for MANETs

Hareketli Geçici Ağlar (HGA) altyapısız bir topoloji oluşturan düğümler topluluğudur. Bu ağlarda, merkezi bir erişim noktası ya da merkezi bir yönetim söz konusu değildir. Bu özelliklerinden dolayı Saldırı Tespit Sistemi (STS) söz konusu olduğunda HGA’lar kendine özgü bir takım problemler ortaya koyarlar. Bu çalışmada HGA’lar için güven esasına dayalı bir saldırı tespit sistemi mimarisi ortaya konulmaktadır. Önerilen mimaride, saldırı tespit sistemi, saldırıların yerel ya da global tespitine ve düğümler arasındaki iş birliği ve güven esasına dayanmakta olup dağıtık olarak gerçekleştirilmektedir. Bu anlamda “güven” önemli bir sorun sahası oluşturmaktadır. Önerilen mimaride, düğümler, komşu düğümlerin muhtemel şüpheli davranışlarını izlemektedirler. Bir anomali söz konusu olduğunda ağ üzerinde STS uyarı mesajı yayınlanmaktadır. STS uyarı mesajlarının tekrarlanmasının izlenmesi sayesinde güven değerlendirilmesi yapılmaktadır. Önerilen mimari, iş birliği ile güven esasına dayalı, dağıtılmış bir STS ortaya koyarak, HGA’da düğümlerin devingenliğinden ve düğümlerin bencil davranma ihtimalinden kaynaklanan dezavantajları ortadan kaldırmayı hedeflemektedir.

Hareketli geçici ağlar için dağıtılmış kooperatif güven tabanlı sızma tespit Sisteminin simülasyon ve performans analizi

Mobile Ad Hoc Network (MANET) is a collection of nodes, which form an infastructureless topology. There is no central access point or centralized management. Intrusion detection in MANETs, however, is challenging for a number of reasons. This paper introduces intrusion detection architecture for MANETs, based on trust relationship and cooperation. In our proposed framework, intrusion detection system relies on local and global determination of attacks within network and intrusion detection is carried out in a distributed fashion. Reputation mechanism is used for trust assessment, which is obtained by watching the neighbor nodes behaviors. IDS alert messages are used to disseminate evidences of an intrusion attempt. A distributed IDS engine is the focal point of the architecture and we aim to utilize a cooperative trust based intrusion detection system to cope with the disadvantages drawn from mobility of nodes. In this paper, we present the feasibility of the proposed architecture by a detailed performance analyses according to the results obtained from simulations.

PDF

___

[1]Hoebeke, J., Moerman, I., Dhoedt B. and Demeester, P., An Overview of Mobile Ad Hoc Networks: Applications and Challenges. Journal of the Communications Network, Vol. 3, July 2004: pp. 60-66.
[2]Sen, S. and J.A.Clark, Intrusion Detection in Mobile Ad Hoc Networks. Guide to Wireless Ad Hoc Networks, ISBN 978-1-84800-328-6, Springer, 2009.
[3]Indirani, G. and Selvakumar, K. Performance of Swarm Based Intrusion Detection System Under Different Mobility Conditions in MANET. International Journal of Emerging Technology and Advanced Engineering, ISSN 2250-2459, Vol. 3, Issue 4, April 2013: pp. 577-583.
[4]Chhabra P., Intrusion Detection in Mobile Ad hoc Network, International Journal of Latest Trends in Engineering and Technology, ISSN: 2278-621X, Vol. 1 Issue 3 September 2012: pp. 34-40.
[5]Sterne, D. and R. Balasubramanyam, A general Cooperative Intrusion Detection Architecture for MANETs. In Proc of the 3rd IEEE IWIA, 2005: pp. 57- 70.
[6]Zhang, Y. and W. Lee, Intrusion detection techniques for mobile wireless networks. Wireless Networks, 9, 2003: pp. 45-556.
[7]Indirani, G. and Selvakumar, K., Swarm based Intrusion Detection and Defense Technique for Malicious Attacks in Mobile Ad Hoc Networks, International Journal of Computer Applications (0975– 8887), Vol. 50, No.19, July 2012: pp. 1-7.
[8]Sethi, S. and Pattnaik, A., A Distributed Trust and Reputation Framework for Mobile Ad Hoc Networks, Project Report, Project Id: 1236, National Institute of Science & Technology, Palur Hills, Berhampur, Odisha – 761008, India, 2012-2013.
[9]Rafsanjani, M., Movaghar, A. and Koroupi, F. Investigating Intrusion Detection Systems in MANET and Comparing IDSs for Detecting Misbehaving Nodes. World Academy of Science Engineering and Technology 44, 2008: pp. 351-355.
[10] Sivakumar, K. and Phil, M., Overview of Various Attacks in MANET and Countermeasures for Attacks. International Journal of Computer Science and Management Research, ISSN 2278-733X, Vol. 2, Issue 1, January 2013: pp. 1366-1372.
[11] Vigna, G., An Intrustion Detection Tool for AODV-Based Ad Hoc Wireless Networks. Annual Computer Security Applications Conference (ACSAC 2004), 2004: pp. 16-27.
[12] Rebahi, Y., v. Mujica, and D. Sisalem, A reputation Based trust mechanism for Ad Hoc networks. 10th IEEE Symp. on Computers and Communicatins (ISCC 2005), 2005: pp. 37-42.
[13] Chen, T. and V. Venkataramanan, Dempster- Shaffer theory for intrusion detection in mobile ad hoc networks. IEEE Internet computing 2005, 9: pp. 35-41.
[14] Mutlu, S. and G. Yilmaz, A Distributed Cooperative Trust Based Intrusion Detection Framework for MANETs. The Seventh International Conference on Networking and Services (ICNS 2011), 2011: pp. 292-298.
[15] Snort, 2011 [cited 2011 30 May 2011]; Available from: www.snort.org.
[16] Hu, J. and M. Burmester, Cooperation in Mobile Ad Hoc Networks. Guide to Wireless Ad Hoc Networks, Computer Communications and Networks, 2009: pp. 43-53.