Friend-assisted intrusion detection and response mechanisms for mobile ad hoc networks

Razak, Shukor Abd; Furnell, Steven; Clarke, Nathan; Brooke, Phillip J.

doi:10.1016/j.adhoc.2007.11.004

Cited by 42 publications

(25 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Vigna et al [21] propose a misuse detection approach based on the characterisation of the sequences of actions that attackers perform to compromise the AODV routing protocol. Razak et al [22] propose a collaborative intrusion detector where misuse and anomaly detection are both used for a better detection accuracy. Şen et al [23] propose the use of genetic programming for evolving programs to detect each particular attack.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Surviving Attacks in Challenged Networks

Cucurull

Asplund

Nadjm‐Tehrani

et al. 2012

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Abstract-In the event of a disaster, telecommunication infrastructures can be severely damaged or overloaded. Hastily formed networks can provide communication services in an ad hoc manner. These networks are challenging due to the chaotic context where intermittent connection is the norm and the identity and number of participants cannot be assumed. In such environments malicious actors may try to disrupt the communications to create more chaos for their own benefit. This paper proposes a general security framework for monitoring and reacting to disruptive attacks. It includes a collection of functions to detect anomalies, diagnose them, and perform mitigation. The measures are deployed in each node in a fully distributed fashion, but their collective impact is a significant resilience to attacks, so that the actors can disseminate information under adverse conditions. The approach has been evaluated in the context of a simulated disaster area network with a manycast dissemination protocol, Random Walk Gossip, with a store-and-forward mechanism. A challenging threat model where adversaries may attempt to reduce message dissemination or drain network resources without spending much of their own energy has been adopted.

show abstract

Section: Related Workmentioning

confidence: 99%

“…Some works [17], [22], [24], [25], [26] propose certain actions in the presence of attacks, but only a few evaluate the consequence of mitigation [17], [26]. Furthermore, a common response consists of the isolation of the nodes that are suspected to be attackers [17], [26], [27].…”

Section: Related Workmentioning

confidence: 99%

Surviving Attacks in Challenged Networks

Cucurull

Asplund

Nadjm‐Tehrani

et al. 2012

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

show abstract

“…The purpose is to show that how the social relationships between vehicles can be used for significance performance of VANET routing protocols. We have implemented only simple operational misuse and anomaly detection engines based on existing works in [14,15]. We have assumed that a pair of direct friends or friends-of-friends who have mutual trust with each other can communicate.…”

Section: Friendship Mechanismmentioning

confidence: 99%

Fuzzy-assisted social-based routing for urban vehicular environments

Khokhar

Noor

Ghafoor

et al. 2011

J Wireless Com Network

View full text Add to dashboard Cite

In the autonomous environment of Vehicular Ad hoc NETwork (VANET), vehicles randomly move with high speed and rely on each other for successful data transmission process. The routing can be difficult or impossible to predict in such intermittent vehicles connectivity and highly dynamic topology. The existing routing solutions do not consider the knowledge that behaviour patterns exist in real-time urban vehicular networks. In this article, we propose a fuzzy-assisted social-based routing (FAST) protocol that takes the advantage of social behaviour of humans on the road to make optimal and secure routing decisions. FAST uses prior global knowledge of real-time vehicular traffic for packet routing from the source to the destination. In FAST, fuzzy inference system leverages friendship mechanism to make critical decisions at intersections which is based on prior global knowledge of realtime vehicular traffic information. The simulation results in urban vehicular environment for with and without obstacles scenario show that the FAST performs best in terms of packet delivery ratio with upto 32% increase, average delay 80% decrease, and hops count 50% decrease compared to the state of the art VANET routing solutions.

show abstract

“…In cooperative IDS solutions (e.g., hierarchical [12,[30][31][32], groupbased [33][34][35], zone-based [36], or neighbor-assisted [37,38]) every node is assigned a few IDS functions to detect attacks based on local observation. A cooperative IDS engine is then employed for detecting more attacks, based on neighbor information [13,38].…”

Section: State Of the Artmentioning

confidence: 99%

RAPID: Traffic-agnostic intrusion detection for resource-constrained wireless mesh networks

Hassanzadeh

Stoleru

Polychronakis

et al. 2014

Computers & Security

View full text Add to dashboard Cite

Due to the recent increased interest in wireless mesh networks (WMN), their security challenges have become of paramount importance. An important security mechanism for WMN, intrusion detection, has received considerable attention from the research community. Recent results show that traditional monitoring mechanisms are not applicable to real-world WMN due to their constrained resources (memory and processing power), which result in high false negative rates since only few IDS functions can be activated on monitoring nodes. Cooperative solutions, on the other hand, have high communication overhead and detection delay when traffic is high. A practical traffic-aware IDS solution was recently proposed for resource-constrained WMN, however, traffic-awareness might not be feasible for some WMN applications. This paper proposes a traffic-agnostic IDS solution that uses a link-coverage approach to monitor both local and backbone WMN traffic. Using real-world experiments and extensive simulations we show our proposed IDS solutions outperform traffic-aware IDS solutions while requiring lower computation and communication overhead.

show abstract

Friend-assisted intrusion detection and response mechanisms for mobile ad hoc networks

Cited by 42 publications

References 5 publications

Surviving Attacks in Challenged Networks

Surviving Attacks in Challenged Networks

Fuzzy-assisted social-based routing for urban vehicular environments

RAPID: Traffic-agnostic intrusion detection for resource-constrained wireless mesh networks

Contact Info

Product

Resources

About