Intrusion Detection System for Mobile Ad-Hoc Networks (Manets) (original) (raw)

Intrusion Detection System for Mobile Ad Hoc Networks using Cross Layer and Machine Learning Approach

International Journal of Computer Applications, 2018

Mobile Ad Hoc Networking (MANET) has become a key technology in recent years because of the increased usage of wireless devices and their ability to provide temporary and instant wireless networking in situations like flooding and defense. In spite of their attractive applications, MANET poses high security problems compared to conventional wired and wireless networks due to its unique characteristics such as lack of central coordination, dynamic topology, temporary network life and wireless nature of communication. It is essential to have effective security system to provide trusted communication in MANET. Intrusion detection plays a major role in the security system of Mobile ad hoc networks. Data collected for intrusion detection system contains redundant and irrelevant features. Inclusion of these features result in poor predictions and high computational overhead. Feature selection process finds the most discriminative features that increase the detection accuracy and efficiency of the IDS. This study aims to select the important features using genetic algorithm and enhance the performance of SVM classifier. The performance of the system is validated using Network Simulator (NS2). The experimental results proved that the detection accuracy of detection with all features is 96.37% and genetic feature selection is 98.22%. The results demonstrate that the proposed IDS effectively detect the anomalies with high detection accuracy.

Intrusion detection in mobile ad hoc networks using classification algorithms

Advances in Ad Hoc Networking, 2008

In this paper we present the design and evaluation of intrusion detection models for MANETs using supervised classification algorithms. Specifically, we evaluate the performance of the MultiLayer Perceptron (MLP), the Linear classifier, the Gaussian Mixture Model (GMM), the Naïve Bayes classifier and the Support Vector Machine (SVM). The performance of the classification algorithms is evaluated under different traffic conditions and mobility patterns for the Black Hole, Forging, Packet Dropping, and Flooding attacks. The results indicate that Support Vector Machines exhibit high accuracy for almost all simulated attacks and that Packet Dropping is the hardest attack to detect.

A novel support vector machine based intrusion detection system for mobile ad hoc networks

Wireless Networks, 2017

The performance of mobile ad hoc networks (MANETs) is significantly affected by the malicious nodes. One of the most common attacks in MANETs is denial of service (DoS); a type of intrusion specifically designed to target service integrity and availability of a certain network node. Hence, it is important to use an efficient intrusion detection system (IDS) that detects and removes the malicious nodes in the network to improve the performance by monitoring the network traffic continuously. The main contribution of this paper is the integration of an IDS into MANETs as a reliable and potent solution. A new approach to intrusion detection is developed based on support vector machine algorithm. The proposed IDS can detect the DoS type attacks at a high detection rate with a simple structure and short computing time. It is shown by extensive computer simulation that the proposed IDS improves the reliability of the network significantly by detecting and removing the malicious nodes in the system. The performance of the suggested approach is independent of the network routing protocol. The detection rate of the system is also not effected by node mobility and network size.

Evaluation of classification algorithms for intrusion detection in MANETs

Knowledge-Based Systems, 2012

Mobile Ad-hoc Networks (MANETs) are wireless networks without fixed infrastructure based on the cooperation of independent mobile nodes. The proliferation of these networks and their use in critical scenarios (like battlefield communications or vehicular networks) require new security mechanisms and policies to guarantee the integrity, confidentiality and availability of the data transmitted. Intrusion Detection Systems used in wired networks are inappropriate in this type of networks since different vulnerabilities may appear due to resource constraints of the participating nodes and the nature of the communication. This paper presents a comparison of the effectiveness of different classifiers to detect malicious activities in MANETs. Results show that Genetic Programming and Support Vector Machines may help considerably in detecting malicious activities in MANETs.

Intrusion Detection System using Machine Learning for MANET

Taye Endeshaw Mengistu, 2023

A mobile ad-hoc network (MANET) is an infrastructure-less wireless network and self-organized. During communication mobile ad-hoc networks don’t use any proper infrastructure so MANET is prone to various sorts of attacks like DDoS, Bot, SSHBruteforce, and FTP-BruteForce.To supply adequate security against multi-level attacks detection-based schemes should be incorporated additionally to traditionally used prevention techniques because prevention-based techniques cannot prevent the attacks from compromised internal nodes. While deploying a versatile and efficient MANET IDS for unknown future attacks we’ve got faced two challenges. Firstly, proper attribute selection of a network traffic dataset is difficult for unknown attacks. The attributes selected for one reasonable attack might not be compatible in identifying another reasonable attack. When this case happens, MANET IDS treats that traffic as normal or showing some error (False alarm). The second challenge is the unavailability of a labeled real-time traffic dataset to develop a MANET IDS system. The proposed system is to detect the malicious behavior of nodes by intrusion detection system with machine learning algorithm. The system is strong enough to detect attacks like DDoS, Bot, SSH-Bruteforce, and FTP-BruteForce. This paper tries to produce intrusion detection techniques for MANETs using a selective machine learning algorithm. Since the aim is to detect DDos, Bot, SSH-Bruteforce, and FTP-BruteForce attacks through machine learning within each node, there are three main phases: Data collection (normal and attack traffic), feature selection, and extraction, and machine learning classification.Within the data collection phases, normal and attack traffic is collected separately. Within the second phase, features that indicate DDoS, Bot, SSHBruteforce, and FTP-BruteForce attacks are selected and extracted from the captured datasets. Within the last phase, the information is pre-processed to a suitable format by the Scikit-learn tool and labeled. Then the dataset is fed to five classifiers (Support Vector Machine (SVM), Decision Tree, Naive Bayes, K Means Clustering, K Nearest Neighbor’s), and also the performance of the classifiers are evaluated. The obtained results show that the proposed intrusion detection is effective in detecting the DDoS, Bot, SSH-Bruteforce, and FTP-BruteForce type attacks with a high detection rate. The results show KNN (99.99% accuracy), K Means Clustering(99.99% accuracy), and Decision Tree (99.99% accuracy) in three evaluations All, grouped, binary performs with high accuracy while but Naive Bayes (80.12% accuracy) with sufficient accuracy. Finally, the paper concludes with a variety of future research directions within the design and implementation of intrusion detection systems for MANETs. Keywords: Intrusion Detection System, Classification, Machine Learning, Anomaly Detection, Support Vector Machine (SVM), Decision Tree, Naive Bayes, K Means Clustering, K Nearest Neighbors

Feature Analysis for Intrusion Detection in Mobile Ad-hoc Networks

As Mobile Ad-hoc network (MANET) has become a very importanttechnology, research concerning its security problem, especially,in intrusion detection has attracted many researchers. Featureselection methodology plays a central role in the data analysisprocess. The proposed features are tested in different networkoperating conditions. PCA is used to analyze the selectedfeatures. This is because, redundant and irrelevant features oftenreduce performance of the detection system. Performance reductionwill occur both in speed and predictive accuracy. This paper aimsto select and analyze the network features using principalcomponent analysis. In this paper, performing various experiments,normal and attack states are simulated and the results for theselected features are analyzed.

An Investigation of Machine Learning based Intrusion Detection System in Mobile Ad hoc Network

International Journal of Intelligent Engineering Informatics

Building stable networks is one of the most demanding issues in the current era, as the world is increasingly reliant on computers and technology. The standard MANET protocols, software, and facilities presume a collaborative and networking atmosphere that does not consider protection. Intrusion detection systems (IDS) that track centralised network operations and detect malicious nodes are often used to supplement certain security because mitigation strategies are never sufficient. This study describes ML techniques for distributing valuable properties to IDS for green smart transportation on MANET. The performance of ML-IDSs and a review of their adequacy in MANETs help the users determine intrusion when learning about the MANET context. ML optimised KDD IDS. Ensemble learning in this IDS process gave anomaly scores to controlled packets. Our solution to actual MANET dataset shortages is this ML technique. ML techniques, simulation, and a functioning prototype had created a more resilient IDS for green smart transportation. ML-enhanced IDS detected and reduced MANET harmful activity. This research expanded IDS knowledge through ubiquitous learning.

A Monthly Double-Blind Peer Reviewed Refereed Open Access International e-Journal -Included in the International Serial Directories CROSS-LAYER FEATURES BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC NETWORK

A Mobile Ad hoc Network (MANET) is a network of mobile nodes which dynamically grouped to gather and establish arbitrary and temporary network topology. Ad hoc network is vulnerable to many kind of attack because of infrastructure less architecture. Cross layer based intrusion detection system (IDS) for wireless ad hoc networks using association rule mining and classification is our main focus in this paper. Specifically, features of MAC layer and network layer to profile normal behaviours of mobile nodes are used. The proposed CIDS is able to effectively detect an attack and is able to localize the attack source. False positive rate is reduced through the module 2 of the CIDS where intelligence gathered from neighbour nodes is used to make a collaborative decision by the monitor node. Our proposed solution will lead new track and work in the field of CIDS and eliminating other network attack like jelly fish.

INTRUSION DETECTION SYSTEM FOR MANET USING MACHINE LEARNING AND STATE TRANSITION ANALYSIS

2015

Nowadays the security of mobile adhoc networks is a major challenge because of its utilities in the extra ordinary situations. There are so many ways to employ the security to the adhoc network like intrusion detection systems (IDSs), key management, and trust and reputation management. Intrusion detection system implementation is our one of the major concerns. There are so many ways to implement and increase the security the MANET. This paper proposes the hybrid intrusion detection technique for the mobile adhoc networks that in turn employs the state transition analysis and SVM classification and genetic algorithm machine learning techniques to improve the efficiency and the security of the intrusion detection system.

Intrusion detection in MANET using classification algorithms: The effects of cost and model selection

Ad Hoc Networks, 2012

Intrusion detection is frequently used as a second line of defense in Mobile Ad-hoc Networks (MANETs). In this paper we examine how to properly use classification methods in intrusion detection for MANETs. In order to do so we evaluate five supervised classification algorithms for intrusion detection on a number of metrics. We measure their performance on a dataset, described in this paper, which includes varied traffic conditions and mobility patterns for multiple attacks. One of our goals is to investigate how classification performance depends on the problem cost matrix. Consequently, we examine how the use of uniform versusweighted cost matrices affects classifier performance. A second goal is to examine techniques for tuning classifiers when unknown attack subtypes are expected during testing. Frequently, when classifiers are tuned using cross-validation, data from the same types of attacks are available in all folds. This differs from real-world employment where unknown types of attacks may be present. Consequently, we develop a sequential cross-validation procedure so that not all types of attacks will necessarily be present across all folds, in the hope that this would make the tuning of classifiers more robust. Our results indicate that weighted cost matrices can be used effectively with most statistical classifiers and that sequential cross-validation can have a small, but significant effect for certain types of classifiers.