A modular architecture for distributed IDS in MANET

  • Authors:
  • Ricardo S. Puttini; Jean-Marc Percher; Ludovic Mé; Olivier Camp; Rafael De Sousa; Cláudia J. Barenco Abbas; L. Javier García-Villalba

  • Affiliations:
  • Department of Electric Engineering, University of Brasilia, Brasilia, DF, Brazil; École Supérieure d'Électronique de l'Ouest, France, Angers Cedex 01, France; Supélec, Cesson Sévigné Cedex, France; École Supérieure d'Électronique de l'Ouest, France, Angers Cedex 01, France; Department of Electric Engineering, University of Brasilia, Brasilia, DF, Brazil; Department of Electric Engineering, University of Brasilia, Brasilia, DF, Brazil; Department of Computer Systems and Programming, Complutense University of Madrid, Madrid, Spain

  • Venue:
  • ICCSA'03 Proceedings of the 2003 international conference on Computational science and its applications: Part III
  • Year:
  • 2003

Abstract

In this paper we propose a distributed and modular architecture for an intrusion detection system (IDS) dedicated to a mobile ad hoc network (MANET) environment. The main feature of our proposition relies on the use, on each node of the MANET, of a local IDS (LIDS) cooperating with other LIDSes through the use of mobile agents. The modular design is needed as a response to the extensibility requirements related to the complex contexts of MANET. The proposed solution has been validated by a proof-of-concept prototype, which is described in the paper. Two different types of attacks are presented and have been implemented, at the network level and at the application level. The detection of such attacks is formally described by specification of data collection, attack signatures associated with such data and alert generation, emphasizing the relation of each of these detection steps with the modules in the designed architecture. The use of the management information base (MIB) as a primary data source for the detection process is discussed and modules for MIB data extraction and processing are specified and implemented in the prototype. Experiments exhibit fairly good results, the attacks being collaboratively detected in real-time.