{"title":"移动Ad Hoc网络的分布式入侵检测","authors":"P. Yi, Yichuan Jiang, Yiping Zhong, Shiyong Zhang","doi":"10.1109/SAINTW.2005.58","DOIUrl":null,"url":null,"abstract":"Mobile ad hoc networking (MANET) has become an exciting and important technology in recent years, because of the rapid proliferation of wireless devices. Mobile ad hoc networks is highly vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, lack of centralized monitoring and management point. The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective for those features. In this paper, we propose a distributed intrusion detection approach based on finish state machine (FSM).A cluster-based detection scheme is presented, where periodically a node is elected as the monitor node for a cluster. These monitor nodes can not only make local intrusion detection decisions, but also cooperatively take part in global intrusion detection. And then we construct the finite state machine (FSM) by the way of manually abstracting the correct behaviours of the node according to the routing protocol of Dynamic Source Routing (DSR). The monitor nodes can verify every node’s behaviour by the FSM, and validly detect real-time attacks without signatures of intrusion or trained data. Compared with the architecture where each node is its own IDS agent, our approach is much more efficient while maintaining the same level of effectiveness.","PeriodicalId":220913,"journal":{"name":"2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-01-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"86","resultStr":"{\"title\":\"Distributed Intrusion Detection for Mobile Ad Hoc Networks\",\"authors\":\"P. Yi, Yichuan Jiang, Yiping Zhong, Shiyong Zhang\",\"doi\":\"10.1109/SAINTW.2005.58\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Mobile ad hoc networking (MANET) has become an exciting and important technology in recent years, because of the rapid proliferation of wireless devices. Mobile ad hoc networks is highly vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, lack of centralized monitoring and management point. The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective for those features. In this paper, we propose a distributed intrusion detection approach based on finish state machine (FSM).A cluster-based detection scheme is presented, where periodically a node is elected as the monitor node for a cluster. These monitor nodes can not only make local intrusion detection decisions, but also cooperatively take part in global intrusion detection. And then we construct the finite state machine (FSM) by the way of manually abstracting the correct behaviours of the node according to the routing protocol of Dynamic Source Routing (DSR). The monitor nodes can verify every node’s behaviour by the FSM, and validly detect real-time attacks without signatures of intrusion or trained data. Compared with the architecture where each node is its own IDS agent, our approach is much more efficient while maintaining the same level of effectiveness.\",\"PeriodicalId\":220913,\"journal\":{\"name\":\"2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops)\",\"volume\":\"13 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-01-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"86\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SAINTW.2005.58\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SAINTW.2005.58","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Distributed Intrusion Detection for Mobile Ad Hoc Networks
Mobile ad hoc networking (MANET) has become an exciting and important technology in recent years, because of the rapid proliferation of wireless devices. Mobile ad hoc networks is highly vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, lack of centralized monitoring and management point. The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective for those features. In this paper, we propose a distributed intrusion detection approach based on finish state machine (FSM).A cluster-based detection scheme is presented, where periodically a node is elected as the monitor node for a cluster. These monitor nodes can not only make local intrusion detection decisions, but also cooperatively take part in global intrusion detection. And then we construct the finite state machine (FSM) by the way of manually abstracting the correct behaviours of the node according to the routing protocol of Dynamic Source Routing (DSR). The monitor nodes can verify every node’s behaviour by the FSM, and validly detect real-time attacks without signatures of intrusion or trained data. Compared with the architecture where each node is its own IDS agent, our approach is much more efficient while maintaining the same level of effectiveness.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
