On effective sampling techniques in host-based intrusion detection in tactical MANET

Authors:
Wei Yu;Linqiang Ge;Difan Zhang;Rommie L. Hardy;Robert J. Reschly
Affiliations:
Department of Computer and Information Sciences, Towson University, 8000 York Road, Towson, MD 21252-0001, USA;Department of Computer and Information Sciences, Towson University, 8000 York Road, Towson, MD 21252-0001, USA;Department of Computer and Information Sciences, Towson University, 8000 York Road, Towson, MD 21252-0001, USA;Network Science Division, Computational & Information Sciences Directorate, U.S. Army Research Laboratory, ATTN: RDRL-LOP, 2800 Powder Mill Road, Adelphi, MD 20783-1197, USA;Network Science Division, Computational & Information Sciences Directorate, U.S. Army Research Laboratory, ATTN: RDRL-LOP, 2800 Powder Mill Road, Adelphi, MD 20783-1197, USA
Venue:
International Journal of Security and Networks
Year:
2013

Citing 16
Cited 0

Mimicry attacks on host-based intrusion detection systems

Proceedings of the 9th ACM conference on Computer and communications security
BlueBoX: A policy-driven, host-based intrusion detection system

ACM Transactions on Information and System Security (TISSEC)
Is sampled data sufficient for anomaly detection?

Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Autograph: toward automated, distributed worm signature detection

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Syntax vs. semantics: competing approaches to dynamic network intrusion detection

International Journal of Security and Networks
Modelling misbehaviour in ad hoc networks: a game theoretic approach for intrusion detection

International Journal of Security and Networks
An agent-based framework for intrusion detection alert verification and event correlation

International Journal of Security and Networks
Virtual address space mapping for IP auto-configuration in MANET with security capability

ICAIT '08 Proceedings of the 2008 International Conference on Advanced Infocomm Technology
RIDA: a robust information-driven data compression architecture for irregular wireless sensor networks

EWSN'07 Proceedings of the 4th European conference on Wireless sensor networks
Sampling-based stream mining for network risk management

JSAI'06 Proceedings of the 20th annual conference on New frontiers in artificial intelligence
Efficient and Robust Schemes for Sensor Data Aggregation Based on Linear Counting

IEEE Transactions on Parallel and Distributed Systems
Integration of false data detection with data aggregation and confidential transmission in wireless sensor networks

IEEE/ACM Transactions on Networking (TON)
Achieving Max-Min lifetime and fairness with rate allocation for data aggregation in sensor networks

Ad Hoc Networks
A survey of security issues in mobile ad hoc and sensor networks

IEEE Communications Surveys & Tutorials
Security in mobile ad hoc networks: challenges and solutions

IEEE Wireless Communications
Routing security in wireless ad hoc networks

IEEE Communications Magazine

Quantified Score

Hi-index	0.00

Visualization

Abstract

A tactical Mobile Ad Hoc Network MANET demands a robust, diverse and resilient communication and computing infrastructure which enables network-centric operation with minimal downtime. Nevertheless, tactical MANET poses great security risks because mobile nodes are deployed in open hostile environments and wireless communication makes the information accessible to an adversary attacking the tactical MANET. Cyber attack monitoring and detection in the tactical MANET is challenging because of limited resources and its infrastructure-less network environment. To address these issues, we first introduce the host-based detection architecture to monitor and detect cyber attacks against the tactical MANET. We then develop two sampling techniques and discuss other techniques to balance trade-offs between detection accuracy and consumption of network resources. We also analyse the impact of detection accuracy versus sampling techniques and associated parameters. We conduct extensive real-world experiments and simulation studies. Our data validates our theoretical findings well.