(IJCSIS) International Journal of Computer Science and Information Security,Vol. 10, No. 3, March 2012
An Intrusion Detection System Framework for AdHoc Network
Arjun Singh 1
Dept. of Computer Science & EngineeringSir Padampat Singhania UniversityUdaipur, Indiaarjun.firstname.lastname@example.org
Surbhi Chauhan 2
Dept. of Computer Science & EngineeringAmity UniversityNoida,IndiaSurbhichauhan2009@gmail.com
Kamal Kant 3
Dept. of Computer Science & EngineeringAmity UniversityNoida, Inidakamalkant25@gmail.com
Reshma Doknaia 4
Sr. Software EngineerBMC Pvt. Ltd.Pune, Indiareshma.email@example.com
Secure and efficient communication among a set of mobile nodes is one of the most important aspects in ad-hocwireless networks. Wireless networks are particularly vulnerable to intrusion, as they operate in open medium, and use cooperative strategies for network communications. By efficiently merging audit data from multiple network sensors, we analyze the entire ad hoc wireless network for intrusions and try to inhibit intrusion attempts. This paper presents an intrusion detection system for ad hoc network, which uses reputation system to minimize the usage of battery power and bandwidth. Keywords-IDS, LID, MDM,ADM,SSD
Ad hoc network are dynamic, peer-to-peer networks thatdo not have a pre-existing infrastructure and are characterizedby wireless multi-hop communication .The unreliability of wireless links between nodes, constantly changing topologydue to the movement of nodes in and out of the network, andlack of incorporation of security features in staticallyconfigured wireless routing protocols not meant for ad hocenvironments all lead to Increased vulnerability and exposureto attacks .Securing wireless ad hoc networks is particularlydifficult for many reasons including the following:
Vulnerability of channels.
As in any wireless network,messages can be eavesdropped and fake messages can beinjected into the network without the difficulty of havingphysical access to network components.
Vulnerability of nodes.
Since the network nodes usuallydo not reside in physically protected places, such aslocked rooms, they can more easily be captured and fallunder the control of an attacker.
Absence of infrastructure.
Ad hoc networks are supposedto operate independently of any fixed infrastructure. Thismakes the classical security solutions based oncertification authorities and on-line servers inapplicable.
Dynamically changing topology.
In mobile ad hocnetworks, the permanent changes of topology requiresophisticated routing protocols, the security of which is anadditional challenge. A particular difficulty is that incorrectrouting information can be generated by compromised nodesor as a result of some topology changes and it is hard todistinguish between the two cases.II.
NTRUSION DETECTION IN WIRELESS AD HOCNETWORK
Intrusion Detection Systems (IDS) may be classified basedon the data collection maintaining the integrity of thespecifications mechanism, as well as the technique used todetect events. While the requirement of intrusion detectionfor both fixed wired and wireless ad-hoc networks are thesame, wireless ad-hoc networks impose additionalchallenges. The effectiveness of IDS solutions thatwere designed for fixed wired networks is limited forwireless ad-hoc network, as described below:
Wireless ad-hoc networks lack key concentration pointswhere network traffic can be monitored. This limits theeffectiveness of a network-based IDS sensor, since onlythe traffic generated within radio transmission range maybe monitored.
In a dynamically changing ad-hoc network, it may bedifficult to rely on the existence of a centralized server toperform analysis and correlation.
The secure distribution of signatures may be difficult, dueto the properties of wireless communication and mobilenodes that operate in disconnect mode.Intrusion detection can be classified into three broadcategories: