A distributed intrusion detection system for wireless ad hoc networks

In a multi-hop mobile ad hoc network (MANET), mobile nodes communicate with each other forming a cooperative radio network. Security remains a major challenge for these networks due to their features of open medium, dynamically changing topologies, reliance on cooperative algorithms, absence of centralized monitoring points, and lack of any clear lines of defense. Most of the currently existing intrusion detection algorithms designed for these networks are insecure, inefficient, and have high rates of false positives. In this paper, a new approach has been proposed to bring out the complementary relationship between key distribution and intrusion detection for developing an intrusion detection protocol for ad hoc networks. The redundancy of routing information in ad-hoc networks is utilized to develop a highly reliable protocol that works even in presence of transient network partitioning and Byzantine failure of nodes. The proposed mechanism is fully cooperative, and thus it is more robust as the vulnerabilities of the election algorithms used for choosing the subset of nodes for cooperation are absent. Simulation results show the effectiveness of the protocol.