Opening the Pandora's Box: Exploring the fundamental limitations of designing intrusion detection for MANET routing attacks

Authors:
John Felix Charles Joseph;Amitabha Das;Boon-Chong Seet;Bu-Sung Lee
Affiliations:
Center for Multimedia and Networks (CeMNet), Division of Computer Communications, School of Computer Science and Engineering, Nanyang Technological University, Nayang Avenue, Singapore;Center for Multimedia and Networks (CeMNet), Division of Computer Communications, School of Computer Science and Engineering, Nanyang Technological University, Nayang Avenue, Singapore;Department of Electrical and Electronics Engineering, Auckland University of Technology, New Zealand;Center for Multimedia and Networks (CeMNet), Division of Computer Communications, School of Computer Science and Engineering, Nanyang Technological University, Nayang Avenue, Singapore
Venue:
Computer Communications
Year:
2008

Citing 15
Cited 0

The Byzantine Generals Problem

ACM Transactions on Programming Languages and Systems (TOPLAS)
The base-rate fallacy and the difficulty of intrusion detection

ACM Transactions on Information and System Security (TISSEC)
Challenges in Intrusion Detection for Wireless Ad-hoc Networks

SAINT-W '03 Proceedings of the 2003 Symposium on Applications and the Internet Workshops (SAINT'03 Workshops)
Intrusion Detection Testing and Benchmarking Methodologies

IEEE-IWIA '03 Proceedings of the First IEEE International Workshop on Information Assurance (IWIA'03)
Intrusion detection techniques for mobile wireless networks

Wireless Networks
Pattern Classification (2nd Edition)

Pattern Classification (2nd Edition)
Secure Routing and Intrusion Detection in Ad Hoc Networks

PERCOM '05 Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications
Wormhole Attacks Detection in Wireless Ad Hoc Networks: A Statistical Analysis Approach

IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17 - Volume 18
Dempster-Shafer Theory for Intrusion Detection in Ad Hoc Networks

IEEE Internet Computing
On the Survivability of Routing Protocols in Ad Hoc Wireless Networks

SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
An Extensible Environment for Evaluating Secure MANET

SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
How to misuse AODV: a case study of insider attacks against mobile ad-hoc routing protocols

Ad Hoc Networks
A new set of passive routing attacks in mobile ad hoc networks

MILCOM'03 Proceedings of the 2003 IEEE conference on Military communications - Volume II
Intrusion detection in wireless ad hoc networks

IEEE Wireless Communications
Intrusion detection through learning behavior model

Computer Communications

Quantified Score

Hi-index	0.24

Visualization

Abstract

Intrusion detection is a critical component of the security framework in wireless ad hoc networks. However, the inherent properties of such networks such as the lack of infrastructure and the dynamic and decentralized nature make it extremely difficult to design effective Intrusion Detection Systems (IDS) for such environment. In this paper, we explore the major challenges posed by IDS design in ad hoc networks, and analyze the feasibility of implementing an intrusion detection system in an ad hoc network. Our analysis systematically focuses on all three major paradigms of IDS design, namely, logical rule-based techniques, probabilistic estimation based techniques as well as statistical classification techniques, and brings out the limitations of all three techniques. For illustrating the statistical limitations, a proactive ad hoc routing protocol, Optimized Link State Routing (OLSR) is used, and our analysis makes use of logical deduction as well as simulation of attacks on the OLSR protocol. The results dispel many popularly held assumptions in the literature.