ABSTRACT
This paper presents an implementation of an Intrusion Detection System (IDS) aiming to secure the AODV protocol designed for MANET. The IDS is designed as multiple static agents that run on a subset of the nodes in the network and executes a monitoring protocol that observes the process of route establishment. The monitoring protocol uses specification based intrusion detection to identify misuses to the routing messages. The IDS design is a correlation of previous work done in the field of MANET security. The IDS is implemented using ns-2 simulator and its ability to detect attacks was tested using previously devised attack scripts. Detailed specification for the runtime behavior of the AODV protocol was derived in the process of implementation
- Karchirski, O. and Guha, R., "Effective Intrusion Detection Using Multiple Sensors in Wireless Ad Hoc Networks", In Proceedings of the 36th Hawaii International Conference on System Sciences (HICSS'03) p.57. Google ScholarDigital Library
- Tseng, C., Y., Balasubramanyam, P., Ko, C., Limprasittiporn, R., Rowe, J., Levitt, K., "A Specification-based Intrusion Detection System for AODV", Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks, 2003, pp. 125--134. http://portal.acm.org/citation.cfm?id=986858.986876 Google ScholarDigital Library
- Ning, P., Sun, K., "How to Misuse AODV: A case Study of Insider Attacks against Mobile Ad-hoc Routing Protocols", In Proceedings of the 4th Annual IEEE Information Assurance Workshop, pp. 60--67, West Point, June 2003.Google ScholarCross Ref
- Perkins, C. E., Royer, E. M., "Ad hoc On-Demand Distance Vector Routing", Proceedings of the 2nd IEEE Workshop on Mobile Computing Systems and Applications, New Orleans, LA, February 1999, pp. 90--100. Google ScholarDigital Library
Index Terms
- Securing the AODV protocol using specification-based intrusion detection
Recommendations
A specification-based intrusion detection system for AODV
SASN '03: Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networksThe Ad hoc On-Demand Distance Vector (AODV) routing protocol, designed for mobile ad hoc networks, offers quick adaptation to dynamic link conditions, low processing and memory overhead, and low network utilization. However, without keeping in mind the ...
A Specification-Based Intrusion Detection Model for Wireless Ad Hoc Networks
IBICA '12: Proceedings of the 2012 Third International Conference on Innovations in Bio-Inspired Computing and ApplicationsMobile ad hoc networks (MANET) have the properties of open medium and decentralized structure, so malicious nodes can easily attack MANET nodes. Furthermore, it is more difficult to establish a protection mechanism on a dynamic topology than a fixed ...
Overview of intrusion detection and intrusion prevention
InfoSecCD '08: Proceedings of the 5th annual conference on Information security curriculum developmentThis report provides an overview of IPS systems. In the first section a comparison of IDS and IPS is made, where an IPS system is defined as an integration of IDS and a firewall. The second section describes what is needed to set up an IPS system. In ...
Comments