{"title":"移动自组织网络中的路由异常检测","authors":"Bo Sun, Kui Wu, U. Pooch","doi":"10.1109/ICCCN.2003.1284145","DOIUrl":null,"url":null,"abstract":"Intrusion detection systems (IDSs) for mobile ad hoc networks (MANETs) are necessary when we deploy MANETs in reality. In this paper, focusing on the protection of MANET routing protocols, we present a new intrusion detection agent model and utilize a Markov chain based anomaly detection algorithm to construct the local detection engine. The details of feature selection, data collection, data preprocess, Markov chain construction, classifier construction and parameter tuning are provided. Based on the routing disruption attack aimed at the dynamic source routing protocol (DSR), we study the performance of the algorithm at different mobility levels. Simulation results show that our algorithm can achieve low false positive ratio, high detection ratio, and small MTFA (mean time to the first alarm), especially when the mobility is low. Detailed analysis of simulation results is also presented.","PeriodicalId":168378,"journal":{"name":"Proceedings. 12th International Conference on Computer Communications and Networks (IEEE Cat. No.03EX712)","volume":"69 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-10-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"69","resultStr":"{\"title\":\"Routing anomaly detection in mobile ad hoc networks\",\"authors\":\"Bo Sun, Kui Wu, U. Pooch\",\"doi\":\"10.1109/ICCCN.2003.1284145\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Intrusion detection systems (IDSs) for mobile ad hoc networks (MANETs) are necessary when we deploy MANETs in reality. In this paper, focusing on the protection of MANET routing protocols, we present a new intrusion detection agent model and utilize a Markov chain based anomaly detection algorithm to construct the local detection engine. The details of feature selection, data collection, data preprocess, Markov chain construction, classifier construction and parameter tuning are provided. Based on the routing disruption attack aimed at the dynamic source routing protocol (DSR), we study the performance of the algorithm at different mobility levels. Simulation results show that our algorithm can achieve low false positive ratio, high detection ratio, and small MTFA (mean time to the first alarm), especially when the mobility is low. Detailed analysis of simulation results is also presented.\",\"PeriodicalId\":168378,\"journal\":{\"name\":\"Proceedings. 12th International Conference on Computer Communications and Networks (IEEE Cat. No.03EX712)\",\"volume\":\"69 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2003-10-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"69\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. 12th International Conference on Computer Communications and Networks (IEEE Cat. No.03EX712)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCCN.2003.1284145\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. 12th International Conference on Computer Communications and Networks (IEEE Cat. No.03EX712)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCCN.2003.1284145","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Routing anomaly detection in mobile ad hoc networks
Intrusion detection systems (IDSs) for mobile ad hoc networks (MANETs) are necessary when we deploy MANETs in reality. In this paper, focusing on the protection of MANET routing protocols, we present a new intrusion detection agent model and utilize a Markov chain based anomaly detection algorithm to construct the local detection engine. The details of feature selection, data collection, data preprocess, Markov chain construction, classifier construction and parameter tuning are provided. Based on the routing disruption attack aimed at the dynamic source routing protocol (DSR), we study the performance of the algorithm at different mobility levels. Simulation results show that our algorithm can achieve low false positive ratio, high detection ratio, and small MTFA (mean time to the first alarm), especially when the mobility is low. Detailed analysis of simulation results is also presented.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
