Conference Paper

Adaptable misbehavior detection and isolation in wireless ad hoc networks using policies

Centre for Commun. Syst. Res. (CCSR), Univ. of Surrey, Guildford, UK
DOI: 10.1109/INM.2009.5188816 Conference: Integrated Network Management, 2009. IM '09. IFIP/IEEE International Symposium on
Source: DBLP

ABSTRACT Wireless ad hoc networks provide the communications platform for new technologies and applications, such as vehicular ad hoc networks or wireless mesh networks. However, their multihop wireless nature makes them inherently unreliable and vulnerable, since their overall performance depends on the cooperative packet forwarding behavior of each individual node. In this paper we present a role-based approach that uses a distributed management overlay and gathers information about the packet forwarding activities of each node in the network. Using policies to control an adaptive algorithmic method that monitors the individual behavior of each node, we show that it is possible to detect, accuse and punish misbehaving nodes with a high degree of confidence. Our evaluation results demonstrate that after the successful detection of misbehaving nodes, their punishment through network isolation can significantly improve network performance in terms of packet delivery and throughput.

0 Bookmarks
 · 
125 Views
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Mobile Ad Hoc Networks are vulnerable to a variety of network layer attacks such as black hole, grey hole, sleep deprivation & rushing attacks. In this paper we present an intrusion detection & adaptive response mechanism for MANETs that detects a range of attacks and provides an effective response with low network degradation. We consider the deficiencies of a fixed response to an intrusion; and we overcome these deficiencies with a flexible response scheme that depends on the measured confidence in the attack, the severity of attack and the degradation in network performance. We present results from an implementation of the response scheme that has three intrusion response actions. Simulation results show the effectiveness of the proposed detection and adaptive response mechanisms in various attack scenarios. An analysis of the impact of our proposed scheme shows that it allows a flexible approach to management of threats and demonstrates improved network performance with a low network overhead.
    Ad Hoc Networks 02/2014; 13(B):368-380. · 1.46 Impact Factor
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: In the last decade, mobile ad hoc networks (MANETs) have emerged as a major next generation wireless networking technology. However, MANETs are vulnerable to various attacks at all layers, including in particular the network layer, because the design of most MANET routing protocols assumes that there is no malicious intruder node in the network. In this paper, we present a survey of the main types of attack at the network layer, and we then review intrusion detection and protection mechanisms that have been proposed in the literature. We classify these mechanisms as either point detection algorithms that deal with a single type of attack, or as intrusion detection systems (IDSs) that can deal with a range of attacks. A comparison of the proposed protection mechanisms is also included in this paper. Finally, we identify areas where further research could focus.
    IEEE Communications Surveys &amp Tutorials 03/2013; 15(4):2027-2045. · 4.82 Impact Factor
  • [Show abstract] [Hide abstract]
    ABSTRACT: Due to its obvious importance, fault detection and localization is a well-studied problem in communication networks, as attested by the many techniques designed to address this problem. The inherent variability, limited component reliability, and constrained resources of MANETs (Mobile Ad hoc Networks) make the problem not just more important, but also critical. Practical development and deployment considerations imply that fault detection and localization methods must i) avoid relying on overly detailed models of network protocols and traffic assumptions and instead rely on actual cross-layer measurements/observations, and ii) be applicable across different network scales and topologies with minimum adjustments. This paper demonstrates the feasibility of such goals, and proposes an important and as yet unexplored approach to fault management in MANETs: network-invariant fault detection, localization and diagnosis with limited knowledge of the underlying network and traffic models. We show how fault management methods can be derived by observing statistical network/traffic measurements in one network, and subsequently applied to other networks with satisfactory performance. We demonstrate that a carefully designed but widely applicable set of local and weak global indicators of faults can be efficiently aggregated to produce highly sensitive and specific methods that perform well when applied to MANETs with varying sizes, topologies, and traffic matrices.
    01/2012;

Full-text (2 Sources)

View
53 Downloads
Available from
May 20, 2014