A specification-based intrusion detection system for AODV

Authors:
Chin-Yang Tseng;Poornima Balasubramanyam;Calvin Ko;Rattapon Limprasittiporn;Jeff Rowe;Karl Levitt
Affiliations:
University of California, Davis;University of California, Davis;Network Associates, Inc.;University of California, Davis;University of California, Davis;University of California, Davis
Venue:
Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks
Year:
2003

Citing 11
Cited 31

State Transition Analysis: A Rule-Based Intrusion Detection Approach

IEEE Transactions on Software Engineering
Mitigating routing misbehavior in mobile ad hoc networks

MobiCom '00 Proceedings of the 6th annual international conference on Mobile computing and networking
Intrusion detection in wireless ad-hoc networks

MobiCom '00 Proceedings of the 6th annual international conference on Mobile computing and networking
Performance analysis of the CONFIDANT protocol

Proceedings of the 3rd ACM international symposium on Mobile ad hoc networking & computing
Ariadne: a secure on-demand routing protocol for ad hoc networks

Proceedings of the 8th annual international conference on Mobile computing and networking
A Secure Routing Protocol for Ad Hoc Networks

ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
System Health and Intrusion Monitoring Using a Hierarchy of Constraints

RAID '00 Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection
Core: a collaborative reputation mechanism to enforce node cooperation in mobile ad hoc networks

Proceedings of the IFIP TC6/TC11 Sixth Joint Working Conference on Communications and Multimedia Security: Advanced Communications and Multimedia Security
Effective Intrusion Detection Using Multiple Sensors in Wireless Ad Hoc Networks

HICSS '03 Proceedings of the 36th Annual Hawaii International Conference on System Sciences (HICSS'03) - Track 2 - Volume 2
Execution monitoring of security-critical programs in distributed systems: a Specification-based approach

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Securing ad hoc networks

IEEE Network: The Magazine of Global Internetworking

Decentralized intrusion detection in wireless sensor networks

Proceedings of the 1st ACM international workshop on Quality of service & security in wireless and mobile networks
Securing the AODV protocol using specification-based intrusion detection

Proceedings of the 2nd ACM international workshop on Quality of service & security for wireless and mobile networks
A Bayesian game approach for intrusion detection in wireless ad hoc networks

GameNets '06 Proceeding from the 2006 workshop on Game theory for communications and networks
Dynamic Hierarchical Distributed Intrusion Detection System Based on Multi-Agent System

WI-IATW '06 Proceedings of the 2006 IEEE/WIC/ACM international conference on Web Intelligence and Intelligent Agent Technology
The state of peer-to-peer simulators and simulations

ACM SIGCOMM Computer Communication Review
Threshold-based intrusion detection in ad hoc networks and secure AODV

Ad Hoc Networks
A hybrid data mining anomaly detection technique in ad hoc networks

International Journal of Wireless and Mobile Computing
Modelling misbehaviour in ad hoc networks: a game theoretic approach for intrusion detection

International Journal of Security and Networks
A grammatical evolution approach to intrusion detection on mobile ad hoc networks

Proceedings of the second ACM conference on Wireless network security
DoS detection in cluster-based sensor networks

CNIS '07 Proceedings of the Fourth IASTED International Conference on Communication, Network and Information Security
Prevention of flooding attack in wireless ad-hoc AODV-based networks using real-time host intrusion detection

WOCN'09 Proceedings of the Sixth international conference on Wireless and Optical Communications Networks
Design of a cooperative distributed intrusion detection system for AODV

ICUCT'06 Proceedings of the 1st international conference on Ubiquitous convergence technology
Cost-sensitive intrusion responses for mobile ad hoc networks

RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Security analysis of TORA routing protocol

ICCSA'07 Proceedings of the 2007 international conference on Computational science and Its applications - Volume Part II
A trust-based IDS for the AODV protocol

ICICS'10 Proceedings of the 12th international conference on Information and communications security
Evolutionary computation techniques for intrusion detection in mobile ad hoc networks

Computer Networks: The International Journal of Computer and Telecommunications Networking
An evaluation of anomaly-based intrusion detection engines for mobile ad hoc networks

TrustBus'11 Proceedings of the 8th international conference on Trust, privacy and security in digital business
Specification-based intrusion detection system for WiBro

ICHIT'11 Proceedings of the 5th international conference on Convergence and hybrid information technology
A wireless intrusion detection system for secure clustering and routing in ad hoc networks

ISC'06 Proceedings of the 9th international conference on Information Security
On the anomaly intrusion-detection in mobile ad hoc network environments

PWC'06 Proceedings of the 11th IFIP TC6 international conference on Personal Wireless Communications
An EFSM-based intrusion detection system for ad hoc networks

ATVA'05 Proceedings of the Third international conference on Automated Technology for Verification and Analysis
A specification-based intrusion detection model for OLSR

RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
DEMEM: distributed evidence-driven message exchange intrusion detection model for MANET

RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Formal reasoning about a specification-based intrusion detection for dynamic auto-configuration protocols in ad hoc networks

FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
Review: Security threats and solutions in MANETs: A case study using AODV and SAODV

Journal of Network and Computer Applications
Security Through Collaboration and Trust in MANETs

Mobile Networks and Applications
6LoWPAN: a study on QoS security threats and countermeasures using intrusion detection system approach

International Journal of Communication Systems
Energy-aware and self-adaptive anomaly detection scheme based on network tomography in mobile ad hoc networks

Information Sciences: an International Journal
DogoIDS: a mobile and active intrusion detection system for IEEE 802.11s wireless mesh networks

Proceedings of the 2nd ACM workshop on Hot topics on wireless network security and privacy
CAST: Context-Aware Security and Trust framework for Mobile Ad-hoc Networks using policies

Distributed and Parallel Databases
A Distributed and Collaborative Intrusion Detection Architecture for Wireless Mesh Networks

Mobile Networks and Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

The Ad hoc On-Demand Distance Vector (AODV) routing protocol, designed for mobile ad hoc networks, offers quick adaptation to dynamic link conditions, low processing and memory overhead, and low network utilization. However, without keeping in mind the security issues in the protocol design, AODV is vulnerable to various kinds of attacks. This paper analyzes some of the vulnerabilities, specifically discussing attacks against AODV that manipulate the routing messages. We propose a solution based on specification-based intrusion detection to detect attacks on AODV. Briefly, our approach involves the use of finite state machines for specifying correct AODV routing behavior and distributed network monitors for detecting run-time violation of the specifications. In addition, one additional field in the protocol message is proposed to enable the monitoring. We illustrate that our algorithm, which employs a tree data structure, can effectively detect most of the serious attacks in real time and with minimum overhead.