TraceGray: An application-layer scheme for intrusion detection in MANET using mobile agents

Abstract

Many intrusion detection algorithms have been proposed to detect network attacks on Mobile Ad-Hoc Networks (MANET). Most of such proposals require extensive modifications to routing algorithms or lower layers which might not be always feasible in practice. This paper proposes a simple but non-trivial scheme TraceGray, that uses mobile agents (MA) to carry out intrusion detection in a MANET without modifying either the underlying routing algorithms or other layers like the datalink layer. TraceGray works only in the application layer and detects multiple gray holes in a DSR protocol based MANET, while traversing the network from a given source to a destination. Since mobile agents work in the application layer, our approach requires no changes to any existing routing protocols or lower layers and is essentially protocol independent. The ns-2 based implementation show successful detection of multiple gray holes in networks with moderate mobility.