期刊名称:International Journal of Engineering and Computer Science
印刷版ISSN:2319-7242
出版年度:2013
卷号:2
期号:12
页码:3422-3430
出版社:IJECS
摘要:A mobile ad hoc network (MANET) is a collection of wireless devices moving in seeminglyrandom directions and communicating with one another without the aid of an established infrastructure.To extend the reachability of a node, the other nodes in the network act as routers. Several intrusiondetection techniques (IDTs) proposed for mobile ad hoc networks rely on each node passively monitoringthe data forwarding by its next hop. This project presents quantitative evaluations of false positives andtheir impact on monitoring based intrusion detection for ad hoc networks. Experimental results showthat, even for a simple three-node configuration, an actual ad hoc network suffers from high falsepositives; these results are validated by Markov and probabilistic models. However, this false positiveproblem cannot be observed by simulating the same network using popular ad hoc network simulators,such as ns-2, OPNET or Glomosim. To remedy this, a probabilistic noise generator model is implementedby using sliding window based monitoring approach. With this revised noise model, the simulatednetwork exhibits the aggregate false positive behavior similar to that of the experimental testbed.Simulations of larger (50-node) ad hoc networks indicate that monitoring-based intrusion detection hasvery high false positives. These false positives can reduce the network performance or increase theoverhead. In a simple monitoring-based system where no secondary and more accurate methods are used,the false positives impact the network performance in two ways: reduced throughput in normal networkswithout attackers and inability to mitigate the effect of attacks in networks with attackers
关键词:Intrusion detection techniques; reachability of a node; mobile ad hoc networks; data;forwarding; Markov and probabilistic models; false positive problem; noise generator model.
