Distributed and Cooperative Anomaly Detection Scheme for Mobile Ad Hoc Networks


Due to their unique characteristics, such as the dynamic changing topology, the absence of central management, the cooperative routing mechanisms, and the resources constraints, Mobile ad hoc networks (MANETs) are relatively vulnerable to both active and passive attacks. In MANET, routing attacks try to disrupt the functions of routing protocol by intentionally or unintentionally dropping packets or propagating faked routing messages. However, due to their computation requirements, the prevention mechanisms are not powerful enough to secure MANET. In this paper, we propose a distributed and cooperative scheme using statistical methods to detect routing attacks in MANETs. Our scheme uses both direct and indirect observations to characterize the behaviors of both neighboring and remote nodes. Simple threshold and Grubbs Test are utilized to propose our new detection methods. The scheme includes innovative methods to compute our proposed measures, Maximum Accusation Number (MAN) and Accusation Number (AN), which are used to make decision about nodes behavior. Experimental results show that our scheme performs well in detecting anomalous events in routing functions.

Share and Cite:

Mustafa, H. , Xiong, Y. and Elaalim, K. (2014) Distributed and Cooperative Anomaly Detection Scheme for Mobile Ad Hoc Networks. Journal of Computer and Communications, 2, 1-10. doi: 10.4236/jcc.2014.23001.

Conflicts of Interest

The authors declare no conflicts of interest.


[1] Y. G. Zhang, W. K. Lee and Y. A. Huang, “Intrusion Detection Techniques for Mobile Wireless Networks,” ACM/Kluwer Wireless Networks Journal (ACM WINET), Vol. 9, No. 5, 2003, pp. 545-556.
[2] H. W. Kim, D. W. Kim and S. H. Kim, “Lifetime-Enhancing Selection of Monitoring Nodes for Intrusion Detection in Mobile Ad Hoc Networks,” AEU-International Journal of Electronics and Communications, Vol. 60, No. 3, 2006, pp. 248-250.
[3] H. Mustafa and Y. Xiong, “Routing Attacks Detection and Reaction Scheme for Mobile Ad Hoc Networks Using Statistical Methods,” Proceedings of The 22nd Wireless and Optical Communication Conference on Security for Wireless Networks, Chongqing, 16-18 May 2013, pp. 659-664.
[4] W. Y. Zhang, Q. B. Yang and Y. S. Geng, “A Survey of Anomaly Detection Methods in Networks,” Proceedings of Computer Network and Multimedia Technology (CNMT 2009), Wuhan, 18-20 January 2009, pp. 1-3.
[5] P. Albers, O. Camp, J. Percher, B. Jouga, L. Me and R. Puttini, “Security in Ad Hoc Networks: A General Intrusion Detection Architecture Enhancing Trust Based Approaches,” Proceedings of the 1st International Workshop on Wireless Information Systems (WIS-2002), 2002, pp. 1-12.
[6] Y. Huang and W. Lee, “A Cooperative Intrusion Detection System for Ad Hoc Networks,” Proceedings of the ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN’03), October 2003, pp. 135-147. http://dx.doi.org/10.1145/986858.986877
[7] P. Kruus, D. Sterne, R. Gopaul, M. Heyman, B. Rivera, P. Budulas, B. Luu, T. Johnson, N. Ivanic and G. Lawler, “In-Band Wormholes and Countermeasures in OLSR Networks,” Proceedings of SecureComm, Baltimore, 28 August 2006, pp. 1-11.
[8] S. S. Zheng, T. Jiang, J. S. Baras, A. Sonalker, D. Sterne, R. Gopaul and R. Hardy, “Intrusion Detection of In-Band Wormholes in MANETs Using Advanced Statistical Methods,” Proceedings of Military Communications Conference (MILCOM), San Diego,16-19 November 2008, pp. 1-7.
[9] S. Marti, T. Giuli, K. Lai and M. Baker, “Mitigating Routing Misbehavior in Mobile Ad Hoc Networks,” Proceedings of the 6th Annual International Conference on Mobile Computing and Networking (MOBICOM), August 2000, pp. 255-265.
[10] S. Buchegger and J. Le Boudec, “Performance Analysis of the CONFIDANT Protocol (Cooperation of Nodes-Fairness in Dynamic Ad-hoc NeTworks),” Proceedings of the 3rd ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc’02), June 2002, pp. 226-236.
[11] P. Michiardi and R. Molva, “Core: A Collaborative Reputation Mechanism to Enforce Node Cooperation in Mobile Ad Hoc Networks,” Advanced Communications and Multimedia Security, IFIP: The International Federation for Information Processing, Vol. 100, 2002, pp. 107-121.
[12] David S. Moore and George P. McCabe, “Introduction to the practice of statistics,” 5th Edition, W. H. Freeman, New York, 2005.
[13] V. Chandola, A. Banerjee and V. Kumar, “Anomaly Detection: A Survey,” ACM Computing Surveys (CSUR), Vol. 41, No. 3, 2009, Article No. 15.

Copyright © 2021 by authors and Scientific Research Publishing Inc.

Creative Commons License

This work and the related PDF file are licensed under a Creative Commons Attribution 4.0 International License.