Cross-feature analysis for detecting ad-hoc routing anomalies (original) (raw)

23rd International Conference on Distributed Computing Systems, 2003. Proceedings.

With the proliferation of wireless devices, mobile ad hoc networking (MANET) has become a very exciting and important technology due to its characteristics of open medium and dynamic topology among others. However, MANETs are more vulnerable than wired networks. Existing security mechanisms developed for wired networks need be redesigned for MANET. In this paper, we discuss the problem of intrusion detection in MANET. The focus of our research is on techniques for automatically constructing anomaly detection models that are capable of detecting new (or unknown) attacks. We introduce a new data mining method that uses "cross-feature analysis" to capture the inter-feature correlation patterns in normal traffic. These patterns can be used as normal profiles to detect deviation (or anomalies) caused by attacks. We have implemented our method with two well known ad-hoc routing protocols, namely, Dynamic Source Routing (DSR) and Ad-hoc On-Demand Distance Vector (AODV), and have conducted extensive experiments using the ns-2 simulator. The results show that the anomaly detection models automatically computed using our data mining method can effectively detect the anomalies caused by representative intrusions.

Sign up for access to the world's latest research.

checkGet notified about relevant papers

checkSave papers to use in your research

checkJoin the discussion with peers

checkTrack your impact