A general cooperative intrusion detection architecture for MANETs

D. Sterne, P. Balasubramanyam, D. Carman, B. Wilson, R. Talpade, C. Ko, R. Balupari, Chin-Yang Tseng, T. Bowen, K. Levitt, J. Rowe
Published in: Third IEEE International Workshop on Information Assurance (IWIA'05), 2005-03-23
DOI: 10.1109/IWIA.2005.1 (https://doi.org/10.1109/IWIA.2005.1)
Citations: 200

Abstract

Intrusion detection in MANETs is challenging because these networks change their topologies dynamically; lack concentration points where aggregated traffic can be analyzed; utilize infrastructure protocols that are susceptible to manipulation; and rely on noisy, intermittent wireless communications. We present a cooperative, distributed intrusion detection architecture that addresses these challenges while facilitating accurate detection of MANET-specific and conventional attacks. The architecture is organized as a dynamic hierarchy in which detection data is acquired at the leaves and is incrementally aggregated, reduced, and analyzed as it flows upward toward the root. Security management directives flow downward from nodes at the top. To maintain communications efficiency, the hierarchy is automatically reconfigured as needed using clustering techniques in which clusterheads are selected based on topology and other criteria. The utility of the architecture is illustrated via multiple attack scenarios.