کد مقاله کد نشریه سال انتشار مقاله انگلیسی نسخه تمام متن
444764 693042 2010 14 صفحه PDF دانلود رایگان
عنوان انگلیسی مقاله ISI
A distributed intrusion detection system for resource-constrained devices in ad-hoc networks
موضوعات مرتبط
مهندسی و علوم پایه مهندسی کامپیوتر شبکه های کامپیوتری و ارتباطات
پیش نمایش صفحه اول مقاله
A distributed intrusion detection system for resource-constrained devices in ad-hoc networks
چکیده انگلیسی

This paper describes the design and implementation of a two-stage intrusion detection system (IDS) for use with mobile ad-hoc networks. Our anomaly-based intrusion detection is provided by analyzing the context from the application-level interactions of networked nodes; each interaction corresponds to a specific function or behavior within the operational scenario of the network. A static set of behaviors is determined offline, and these behaviors are tracked dynamically during the operation of the network. During the first stage of the IDS, our detection strategy employs the analysis of global and local maxima in the probability density functions of the behaviors to isolate deviance at the granularity of a single node. This stage is used to capture the typical behavior of the network. The first stage also provides tuning and calibration for the second stage. During the second stage, a cross-correlative component is used to detect multiple threats simultaneously. Our approach distributes the IDS among all connected network nodes, allowing each node to identify potential threats individually. The combined result can detect deviant nodes in a scalable manner and can operate in the presence of a density of deviant nodes approaching 22%. Computational requirements are reduced to adapt optimally to embedded devices on an ad-hoc network.

ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Ad Hoc Networks - Volume 8, Issue 3, May 2010, Pages 253–266
نویسندگان
, , ,