We focus on detecting intrusions in wireless ad hoc networks using the misuse detection technique. We allow for detection modules that periodically fail to detect attacks and also generate false positives. Combining theories of hypothesis testing and approximation algorithms, we develop a framework to counter different threats while minimizing resource consumption. We obtain computationally simple optimal rules for aggregating, and thereby minimizing the errors in, the decisions of the nodes executing the intrusion detection software (IDS) modules. However, we show that selecting the optimal set of nodes for executing the IDS is an NP-hard problem. We present a polynomial-complexity selection algorithm that attains a guaranteeable approximation bound. We also modify this algorithm to allow for seamless operation in time-varying topologies, and evaluate the efficacy of the approximation algorithm and its modifications using simulation. We identify a selection algorithm that attains a good balance between performance and complexity for robust intrusion detection in ad hoc networks.