Ningrinla Marchang

Collaborative techniques for intrusion detection in mobile ad-hoc networks

In this paper, we present two intrusion detection techniques for mobile ad-hoc networks, which use collaborative efforts of nodes in a neighborhood to detect a malicious node in that neighborhood. The first technique is designed for detection of malicious nodes in a neighborhood of nodes in which each pair of nodes in the neighborhood are within radio range of each other. Such a neighborhood of nodes is known as a clique[12]. The second technique is designed for detection of malicious nodes in a neighborhood of nodes, in which each pair of nodes may not be in radio range of each other but where there is a node among them which has all the other nodes in its one-hop vicinity. This neighborhood is identical to a cluster as mentioned in [12]. Both techniques use message passing between the nodes. A node called the monitor node initiates the detection process. Based on the messages that it receives during the detection process, each node determines the nodes it suspects to be malicious and send votes to the monitor node. The monitor node upon inspecting the votes determines the malicious nodes from among the suspected nodes. Our intrusion detection system is independent of any routing protocol. We give the proof of correctness of the first algorithm, which shows that it correctly detects the malicious nodes always when there is no message loss. We also show with the help of simulations that both the algorithms give good performance even when there are message losses arising due to unreliable channel.

Light-weight trust-based routing protocol for mobile ad hoc networks

Mobile ad hoc networks (MANETs) were originally designed for a cooperative environment. To use them in hostile environments, trust-based routing can be used, where instead of establishing the shortest routes as done in traditional routing protocols, most trusted routes are established. In this study, the authors present a light-weight trust-based routing protocol. It is light-weight in the sense that the intrusion detection system (IDS) used for estimating the trust that one node has for another, consumes limited computational resource. Moreover, it uses only local information thereby ensuring scalability. Our light-weight IDS takes care of two kinds of attacks, namely, the blackhole attack and the grey hole attack. Whereas our proposed approach can be incorporated in any routing protocol, the authors have used AODV as the base routing protocol to evaluate our proposed approach and give a performance analysis.

Intrusion Detection in MANET using fuzzy logic

Mobile Ad hoc network (MANET) is a new paradigm in wireless revolution, which is a self-configured network of wireless mobile nodes. Due to proliferation of miniature yet powerful mobile computing devices, it is gaining acceptance and popularity. However, MANET is vulnerable to security attacks due to its inherent characteristics such as dynamic topology, lack of a centralized coordinator and open wireless channel. In this paper, we analyze some security attacks of MANET and we propose to identify the attack by using an Intrusion Detection System (IDS). The proposed IDS uses fuzzy logic to detect malicious behavior and identify the attacks.

A Game Theoretical Approach for Efficient Deployment of Intrusion Detection System in Mobile Ad Hoc Networks

In this paper, we present a game-theoretic model of intrusion detection systems (IDSs) for Mobile Ad hoc Networks. In most of the existing intrusion detection systems for MANETs, a detection system sits on every node, which runs all the time, which is a costly overhead for a battery-powered mobile device. We have used game theory to model the interactions between the intrusion detection system and the attacker to determine whether it is essential to always keep the IDS running without compromising on its effectiveness. The results of our analysis show that one need not keep an IDS running all the time. Besides, our analysis helps in determining how frequently one must keep the IDS running under different conditions.

A Novel Approach for Efficient Usage of Intrusion Detection System in Mobile Ad Hoc Networks

Mobile ad hoc networks (MANETs) are self-configuring infrastructureless dynamic wireless networks in which the nodes are resource constrained. Intrusion detection systems (IDSs) are used in MANETs to monitor activities to detect any intrusion in the otherwise vulnerable network. In this paper, we present efficient schemes for analyzing and optimizing the time duration for which the IDSs need to remain active in a MANET. A probabilistic model is proposed, which makes use of cooperation between IDSs among neighborhood nodes to reduce their individual active time. Typically, an IDS has to run all the time on every node to oversee network behavior. This can turn out to be a costly overhead for a battery-powered mobile device in terms of power and computational resources. Hence, in this work, our aim is to reduce the duration of active time of the IDSs without compromising their effectiveness. To validate our proposed approach, we model the interactions between IDSs as a multiplayer cooperative game in which the players have partially cooperative and partially conflicting goals. We theoretically analyze this game and support it with simulation results.

Effect of colluding attack in collaborative spectrum sensing

Collaborative spectrum sensing (CSS) is an approach that enhances the spectrum sensing performance where multiple secondary users (SUs) cooperate to make the final sensing decision in a cognitive radio network (CRN). In CSS, the SUs are generally assumed to report correct local sensing result to the fusion center (FC). But, some SUs may be compromised and start reporting false local sensing decision to the FC to disrupt the network. CSS can also be severely affected by compromised nodes working together. Such a type of attack is termed as colluding attack and nodes that launch colluding attacks are known as colluding nodes. In this paper, we study the effect of colluding nodes in collaborative spectrum sensing. We also show that the presence of colluding attack results in higher as network performance degradation compared to independent attack especially when the presence of attackers is high. Hence, colluding attacks are of much security concern.

Security for Mobile Ad Hoc Networks

In this chapter, the security issues and challenges of mobile ad hoc networks (MANET) are introduced and discussed. The different types of security attacks that can be launched against MANET are generally divided into active and passive attacks: depending on whether the attack disturbs the functions of the network protocols or not while extracting vital network information. We also show how basic security infrastructure may be provided with the help of key management techniques to MANET. Several techniques characterized by different types of certification authority (CA) and, also, different types of key management and distribution schemes are discussed. Subsequently, we introduce the advanced techniques of providing security to this important form of ad hoc network. As message routing is susceptible to attacks in mobile ad hoc networks, we next discuss the popular techniques of securing the routing protocols. Lastly, we focus on the various intrusion detection techniques that are adopted for MANET.

Can Clustering be Used to Detect Intrusion During Spectrum Sensing in Cognitive Radio Networks

Collaborative sensing helps in achieving a more accurate sensing decision than individual sensing in cognitive radio network (CRN). In an infrastructure-based CRN, each node sends its local sensing report to the fusion center (FC), which uses a fusion rule to aggregate the local sensing reports. However, collaborative sensing is vulnerable to the spectrum sensing data falsification attack, in which a node falsifies its local sensing report before sending it to the FC with the intention of disrupting the final sensing decision of the FC. In practice, the strategy of an attacker is not known. However, the collection of sensing reports at the FC can be useful for data mining with the objective of identifying the attackers. In this paper, we present a method that uses clustering techniques for detection and isolation of such attackers. We employ two clustering techniques, viz., K-medoids clustering and agglomerative hierarchical clustering. Unlike threshold detection that requires some predefined threshold value as input, the proposed approach detects the attackers using only the collection of sensing reports at the FC. We also present how we can use the proposed approach on streaming data (sensing reports), and thus, detect and isolate attackers on the fly. Comparative numerical simulation results support the validity of the approach.

Modelling and Mitigating Spectrum Sensing Non-cooperation Attack in Cognitive Radio Network

Collaborative spectrum sensing (CSS) is known to improve spectrum sensing performance in Cognitive Radio Network. In CSS, secondary users participate by sharing their local sensing results. They participate in the sensing process at their own cost, i.e., they expend some amount of energy and time for sensing and sharing. But, a selfish user may refrain from collaborating in the spectrum sensing process in order to save up energy, which results in improper sensing. While this problem is widely known, we call this as the spectrum sensing non-cooperation (SSNC) attack for easy reference. In this paper, a collective action prisoners dilemma game is used to model the SSNC attack. To handle this attack, repeated game punishment mechanisms, namely Tit-for-Tat and Grim strategies are used. In addition, modified Tit-for-Tat and modified Grim strategies are proposed to handle this attack in the presence of reporting channel error.

Distributed Binary Decision-Based Collaborative Spectrum Sensing in Infrastructure-less Cognitive Radio Network

Individual scanning of channel for the presence or absence of primary user does not give accurate sensing result in cognitive radio network. Thus, collaborative spectrum sensing is employed to get a more accurate spectrum sensing result. This paper proposes a distributed binary decision-based collaborative spectrum sensing, in which a node uses the binary decisions of its h hop neighbors for making its decision. The proposed scheme is for an infrastucture-less cognitive radio network where secondary users collaborate based on the local information exchanged without requiring a fusion center. Instead of using consensus algorithm, this paper focuses on message passing, i.e., exchanging the local sensing decision. Simulation result showed that the proposed scheme can give a significant good detection rate with low false detection rate.