Model-Based Evaluation of Distributed Intrusion Detection Protocols for Mobile Group Communication Systems

Authors:
Jin-Hee Cho;Ing-Ray Chen
Affiliations:
Computational and Information Sciences Directorate (CISD), US Army Research Laboratory (USARL), Adelphi, USA 20783;Department of Computer Science, Virginia Polytechnic Institute and State University, Falls Church, USA 22043
Venue:
Wireless Personal Communications: An International Journal
Year:
2011

Citing 30
Cited 0

Simulating computer systems: techniques and tools

Simulating computer systems: techniques and tools
Diffie-Hellman key distribution extended to group communication

CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior

IEEE Transactions on Software Engineering
Mitigating routing misbehavior in mobile ad hoc networks

MobiCom '00 Proceedings of the 6th annual international conference on Mobile computing and networking
Key Agreement in Dynamic Peer Groups

IEEE Transactions on Parallel and Distributed Systems
Batch rekeying for secure group communications

Proceedings of the 10th international conference on World Wide Web
Aggregation and Correlation of Intrusion-Detection Alerts

RAID '00 Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection
Modeling and Quantification of Security Attributes of Software Systems

DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
Intrusion Detection Using Mobile Agents in Wireless Ad Hoc Networks

KMN '02 Proceedings of the IEEE Workshop on Knowledge Media Networking
Challenges in Intrusion Detection for Wireless Ad-hoc Networks

SAINT-W '03 Proceedings of the 2003 Symposium on Applications and the Internet Workshops (SAINT'03 Workshops)
Secure Broadcast Communication in Wired and Wireless Networks

Secure Broadcast Communication in Wired and Wireless Networks
Alert aggregation in mobile ad hoc networks

WiSe '03 Proceedings of the 2nd ACM workshop on Wireless security
Intrusion detection techniques for mobile wireless networks

Wireless Networks
A cooperative intrusion detection system for ad hoc networks

Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks
Guest Editorial: Special Section on Mission-Oriented Sensor Networks

IEEE Transactions on Mobile Computing
Model-Based Evaluation: From Dependability to Security

IEEE Transactions on Dependable and Secure Computing
Security analysis of SITAR intrusion tolerance system

Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security
A General Cooperative Intrusion Detection Architecture for MANETs

IWIA '05 Proceedings of the Third IEEE International Workshop on Information Assurance
On the Distribution and Revocation of Cryptographic Keys in Sensor Networks

IEEE Transactions on Dependable and Secure Computing
Detecting Critical Nodes for MANET Intrusion Detection Systems

SECPERU '06 Proceedings of the Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing
A Bayesian game approach for intrusion detection in wireless ad hoc networks

GameNets '06 Proceeding from the 2006 workshop on Game theory for communications and networks
Estimating a System's Mean Time-to-Compromise

IEEE Security and Privacy
A grammatical evolution approach to intrusion detection on mobile ad hoc networks

Proceedings of the second ACM conference on Wireless network security
Adaptive intrusion detection & prevention of denial of service attacks in MANETs

Proceedings of the 2009 International Conference on Wireless Communications and Mobile Computing: Connecting the World Wirelessly
Distributed Node Selection for Threshold Key Management with Intrusion Detection in Mobile Ad Hoc Networks

CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 02
Optimal combined intrusion detection and biometric-based continuous authentication in high security mobile ad hoc networks

IEEE Transactions on Wireless Communications
Modeling and analysis of intrusion detection integrated with batch rekeying for dynamic group communication systems in mobile ad hoc networks

Wireless Networks
On design tradeoffs between security and performance in wireless group communicating systems

NPSEC'05 Proceedings of the First international conference on Secure network protocols
Intrusion detection in wireless ad hoc networks

IEEE Wireless Communications
A framework for misuse detection in ad hoc Networks-part I

IEEE Journal on Selected Areas in Communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

Under highly security vulnerable, resource-restricted, and dynamically changing mobile ad hoc environments, it is critical to be able to maximize the system lifetime while bounding the communication response time for mission-oriented mobile groups. In this paper, we analyze the tradeoff of security versus performance for distributed intrusion detection protocols employed in mobile group communication systems (GCSs). We investigate a distributed voting-based intrusion detection protocol for GCSs in multi-hop mobile ad hoc networks and examine the effect of intrusion detection on system survivability measured by the mean time to security failure (MTTSF) metric and efficiency measured by the communication cost metric. We identify optimal design settings under which the MTTSF metric can be best traded off for the communication cost metric or vice versa. We conduct extensive simulation to validate analytical results obtained. This work provides a general model-based evaluation framework for developing and analyzing intrusion detection protocols that can dynamically adapt to changing attacker strengths with the goal of system lifetime optimization and/or communication cost minimization.