Design of Hierarchical Intrusion Detection Unit for Ad-hoc Networks Based On Bayesian Networks
Abstract
Mobile ad-hoc networks (MANETs) are susceptible to security attacks due to their limited resources and the wireless medium they operate in. These attacks range from snooping to passive eavesdropping to active interference and DOS attacks. Every node should be equipped to deal with all kinds of attacks since there is no central security mechanism. Hence there should be a mechanism for intrusion detection along with trust establishment and secured routing. In this thesis we propose a hierarchical intrusion detection system based on Bayesian networks. Our work builds on the trust model proposed in [1] to establish trust between peers in the network. To detect an intrusion, a subset of nodes is selected for detecting an intrusion. The detecting node snoops on the network and constructs a Bayesian network in order to detect an intrusion. Based on the information collected by the detecting node, the intruding node is identified. Findings and Conclusions: Simulations results show that depending on the trust and the maliciousness of the node, the algorithm efficiently detects intrusive nodes and excludes them from utilizing the network resources. Furthermore due to the conditional probability methods used in conjunction with Bayes Theorem, even if some innocent node misbehaves sometimes, it will not be treated as an intrusive node immediately. The proposed approach is therefore a more robust and accurate method for intrusion detection
Collections
- OSU Theses [15752]