Performance analysis of the CONFIDANT protocol
Proceedings of the 3rd ACM international symposium on Mobile ad hoc networking & computing
Intrusion detection techniques for mobile wireless networks
Wireless Networks
A cooperative intrusion detection system for ad hoc networks
Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks
Journal of Computer Security - Special Issue on Security of Ad-hoc and Sensor Networks
Cost-sensitive intrusion responses for mobile ad hoc networks
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Intrusion detection in wireless ad hoc networks
IEEE Wireless Communications
| Hi-index | 0.00 |
In Mobile Ad Hoc Networks (MANET), anomaly detection and response system (ADRS) plays a paramount role in diagnosing anomalous events, which are resulted by both accidental system errors and intentional attacks. While a variety of ADRS is ready for deployment, there lacks a sound and formal way to examine their operational characteristics for selecting the most appropriate ones with particular concerns. To that end, this paper develops a decision-theoretical framework to identify the fundamental tradeoffs between the key evaluation metrics of ADRS in MANET, along with a formal method to optimize the overall performance of ADRS in terms of those metrics of concern. In particular, each ADRS sensor is treated as an autonomous agent, making its decision as the local operational environment and a global signal that estimates the performance of ADRS as a whole, in terms of detection performance (detection accuracy and false positive rate) and operational cost (detection cost and response cost). The theoretical framework then serves as a basis for developing policy gradient algorithms for practically and automatically inferring the optimal behavior of ADRS sensors. A set of simulations is conducted for validating the feasibility and evaluating the performance of our proposed framework.