Distributed and Cooperative Anomaly Detection Scheme for Mobile Ad Hoc Networks

Hisham Mustafa; Yan Xiong; Khalid Elaalim

doi:10.4236/jcc.2014.23001

Journal of Computer and Communications > Vol.2 No.3, February 2014

Distributed and Cooperative Anomaly Detection Scheme for Mobile Ad Hoc Networks

Hisham Mustafa, Yan Xiong, Khalid Elaalim
Department of Statistic and Computer Sciences, Faculty of Applied Sciences, Red Sea University, Port Sudan, Sudan.
School of Computer Science and Technology, University of Science and Technology of China, Hefei, China.
DOI: 10.4236/jcc.2014.23001 PDF HTML 2,872 Downloads 5,578 Views Citations

Abstract

Due to their unique characteristics, such as the dynamic changing topology, the absence of central management, the cooperative routing mechanisms, and the resources constraints, Mobile ad hoc networks (MANETs) are relatively vulnerable to both active and passive attacks. In MANET, routing attacks try to disrupt the functions of routing protocol by intentionally or unintentionally dropping packets or propagating faked routing messages. However, due to their computation requirements, the prevention mechanisms are not powerful enough to secure MANET. In this paper, we propose a distributed and cooperative scheme using statistical methods to detect routing attacks in MANETs. Our scheme uses both direct and indirect observations to characterize the behaviors of both neighboring and remote nodes. Simple threshold and Grubb’s Test are utilized to propose our new detection methods. The scheme includes innovative methods to compute our proposed measures, Maximum Accusation Number (MAN) and Accusation Number (AN), which are used to make decision about node’s behavior. Experimental results show that our scheme performs well in detecting anomalous events in routing functions.

Keywords

MANET; Routing Protocol; Routing Attacks; Anomaly Detection; Trust and Availability; Statistical Test

Share and Cite:

Mustafa, H. , Xiong, Y. and Elaalim, K. (2014) Distributed and Cooperative Anomaly Detection Scheme for Mobile Ad Hoc Networks. Journal of Computer and Communications, 2, 1-10. doi: 10.4236/jcc.2014.23001.

Conflicts of Interest

The authors declare no conflicts of interest.

References

[1]	Y. G. Zhang, W. K. Lee and Y. A. Huang, “Intrusion Detection Techniques for Mobile Wireless Networks,” ACM/Kluwer Wireless Networks Journal (ACM WINET), Vol. 9, No. 5, 2003, pp. 545-556.
[2]	H. W. Kim, D. W. Kim and S. H. Kim, “Lifetime-Enhancing Selection of Monitoring Nodes for Intrusion Detection in Mobile Ad Hoc Networks,” AEU-International Journal of Electronics and Communications, Vol. 60, No. 3, 2006, pp. 248-250.
[3]	H. Mustafa and Y. Xiong, “Routing Attacks Detection and Reaction Scheme for Mobile Ad Hoc Networks Using Statistical Methods,” Proceedings of The 22nd Wireless and Optical Communication Conference on Security for Wireless Networks, Chongqing, 16-18 May 2013, pp. 659-664.
[4]	W. Y. Zhang, Q. B. Yang and Y. S. Geng, “A Survey of Anomaly Detection Methods in Networks,” Proceedings of Computer Network and Multimedia Technology (CNMT 2009), Wuhan, 18-20 January 2009, pp. 1-3.
[5]	P. Albers, O. Camp, J. Percher, B. Jouga, L. Me and R. Puttini, “Security in Ad Hoc Networks: A General Intrusion Detection Architecture Enhancing Trust Based Approaches,” Proceedings of the 1st International Workshop on Wireless Information Systems (WIS-2002), 2002, pp. 1-12.
[6]	Y. Huang and W. Lee, “A Cooperative Intrusion Detection System for Ad Hoc Networks,” Proceedings of the ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN’03), October 2003, pp. 135-147. http://dx.doi.org/10.1145/986858.986877
[7]	P. Kruus, D. Sterne, R. Gopaul, M. Heyman, B. Rivera, P. Budulas, B. Luu, T. Johnson, N. Ivanic and G. Lawler, “In-Band Wormholes and Countermeasures in OLSR Networks,” Proceedings of SecureComm, Baltimore, 28 August 2006, pp. 1-11.
[8]	S. S. Zheng, T. Jiang, J. S. Baras, A. Sonalker, D. Sterne, R. Gopaul and R. Hardy, “Intrusion Detection of In-Band Wormholes in MANETs Using Advanced Statistical Methods,” Proceedings of Military Communications Conference (MILCOM), San Diego,16-19 November 2008, pp. 1-7.
[9]	S. Marti, T. Giuli, K. Lai and M. Baker, “Mitigating Routing Misbehavior in Mobile Ad Hoc Networks,” Proceedings of the 6th Annual International Conference on Mobile Computing and Networking (MOBICOM), August 2000, pp. 255-265.
[10]	S. Buchegger and J. Le Boudec, “Performance Analysis of the CONFIDANT Protocol (Cooperation of Nodes-Fairness in Dynamic Ad-hoc NeTworks),” Proceedings of the 3rd ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc’02), June 2002, pp. 226-236.
[11]	P. Michiardi and R. Molva, “Core: A Collaborative Reputation Mechanism to Enforce Node Cooperation in Mobile Ad Hoc Networks,” Advanced Communications and Multimedia Security, IFIP: The International Federation for Information Processing, Vol. 100, 2002, pp. 107-121.
[12]	David S. Moore and George P. McCabe, “Introduction to the practice of statistics,” 5th Edition, W. H. Freeman, New York, 2005.
[13]	V. Chandola, A. Banerjee and V. Kumar, “Anomaly Detection: A Survey,” ACM Computing Surveys (CSUR), Vol. 41, No. 3, 2009, Article No. 15.

Journals Menu

Follow SCIRP

	customer@scirp.org
	+86 18163351462(WhatsApp)
	1655362766

	Paper Publishing WeChat

Journals Menu

Home

About SCIRP

Service

Policies