Introduction to statistical pattern recognition (2nd ed.)
Introduction to statistical pattern recognition (2nd ed.)
C4.5: programs for machine learning
C4.5: programs for machine learning
Decision Combination in Multiple Classifier Systems
IEEE Transactions on Pattern Analysis and Machine Intelligence
Pattern Recognition Letters
IEEE Transactions on Pattern Analysis and Machine Intelligence
Intrusion detection in wireless ad-hoc networks
MobiCom '00 Proceedings of the 6th annual international conference on Mobile computing and networking
A Theoretical Study on Six Classifier Fusion Strategies
IEEE Transactions on Pattern Analysis and Machine Intelligence
Trust in Cyberspace
Computer Intrusion Detection and Network Monitoring: A Statistical Viewpoint
Computer Intrusion Detection and Network Monitoring: A Statistical Viewpoint
Wireless sensor networks: a survey
Computer Networks: The International Journal of Computer and Telecommunications Networking
Constructing Boosting Algorithms from SVMs: An Application to One-Class Classification
IEEE Transactions on Pattern Analysis and Machine Intelligence
Sum Versus Vote Fusion in Multiple Classifier Systems
IEEE Transactions on Pattern Analysis and Machine Intelligence
On Combining One-Class Classifiers for Image Database Retrieval
MCS '02 Proceedings of the Third International Workshop on Multiple Classifier Systems
Fusion of multiple classifiers for intrusion detection in computer networks
Pattern Recognition Letters
Statistical Traffic Modeling for Network Intrusion Detection
MASCOTS '00 Proceedings of the 8th International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems
SAINT '03 Proceedings of the 2003 Symposium on Applications and the Internet
Ad-hoc On-Demand Distance Vector Routing
WMCSA '99 Proceedings of the Second IEEE Workshop on Mobile Computer Systems and Applications
Cross-Feature Analysis for Detecting Ad-Hoc Routing Anomalies
ICDCS '03 Proceedings of the 23rd International Conference on Distributed Computing Systems
Concept learning in the absence of counterexamples: an autoassociation-based approach to classification
Cost-sensitive, scalable and adaptive learning using ensemble-based methods
Cost-sensitive, scalable and adaptive learning using ensemble-based methods
Intrusion detection techniques for mobile wireless networks
Wireless Networks
Novelty detection: a review—part 2: neural network based approaches
Signal Processing
Combining Pattern Classifiers: Methods and Algorithms
Combining Pattern Classifiers: Methods and Algorithms
A cooperative intrusion detection system for ad hoc networks
Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks
A Theoretical and Experimental Analysis of Linear Combiners for Multiple Classifier Systems
IEEE Transactions on Pattern Analysis and Machine Intelligence
Feature bagging for outlier detection
Proceedings of the eleventh ACM SIGKDD international conference on Knowledge discovery in data mining
Ad Hoc Networking
Network intrusion detection by combining one-class classifiers
ICIAP'05 Proceedings of the 13th international conference on Image Analysis and Processing
ANMP: ad hoc network management protocol
IEEE Journal on Selected Areas in Communications
IEEE Network: The Magazine of Global Internetworking
Classifier ensembles: Select real-world applications
Information Fusion
Editorial: A Special Issue on information fusion in computer security
Information Fusion
Information fusion for computer security: State of the art and open issues
Information Fusion
A dynamic intrusion detection hierarchy for MANETs
SARNOFF'09 Proceedings of the 32nd international conference on Sarnoff symposium
Quantifying resiliency and detection latency of intrusion detection structures
MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
Anomaly detection and mitigation for disaster area networks
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Anomaly detection in wireless sensor networks: A survey
Journal of Network and Computer Applications
The application of genetic algorithm to intrusion detection in MP2P network
ICSI'12 Proceedings of the Third international conference on Advances in Swarm Intelligence - Volume Part I
International Journal of Ad Hoc and Ubiquitous Computing
| Hi-index | 0.00 |
This paper examines the problem of distributed intrusion detection in Mobile Ad-Hoc Networks (MANETs), utilizing ensemble methods. A three-level hierarchical system for data collection, processing and transmission is described. Local IDSs (intrusion detection systems) are attached to each node of the MANET, collecting raw data of network operation, and computing a local anomaly index measuring the mismatch between the current node operation and a baseline of normal operation. Anomaly indexes from nodes belonging to a cluster are periodically transmitted to a cluster head, which averages the node indexes producing a cluster-level anomaly index. Cluster heads periodically transmit these cluster-level anomaly indexes to a manager which averages them. On the theoretical side, we show that averaging improves detection rates under very mild conditions concerning the distributions of the anomaly indexes of the normal class and the anomalous class. On the practical side, the paper describes clustering algorithms to update cluster centers and machine learning algorithms for computing the local anomaly indexes. The complete suite of algorithms was implemented and tested, under two types of MANET routing protocols and two types of attacks against the routing infrastructure. Performance evaluation was effected by determining the receiver operating characteristics (ROC) curves and the corresponding area under the ROC curve (AUC) metrics for various operational conditions. The overall results confirm the theoretical developments related with the benefits of averaging with detection accuracy improving as we move up in the node-cluster-manager hierarchy.