Short Paper: A Distributed Cross-Layer Intrusion Detection System for Ad Hoc Networks

In this paper, we propose a node-based intrusion detection system (IDS) for wireless ad hoc networks. Specifically, we define a feature set that correlates information from MAC layer and network layer to profile normal behaviors of mobile nodes, and we also adapt a rule-based data mining technique for anomaly detection. The proposed IDS is able to effectively detect an attack and is able to localize the attack source within one-hop perimeter. False positive rate is reduced through the decision module of the IDS where intelligence gathered from neighbor nodes is used to make a collaborative decision and Bayesian network is used to evaluate multiple attack sources. We validate our work through ns-2 simulation experiments. Experimental results show the effectiveness of our method.