Combination of Hierarchical and Cooperative Models of an IDS for MANETs

Mobile Ad Hoc Networks (MANETs) are susceptible to a variety of attacks that threaten their operation and the provided services. Intrusion Detection Systems (IDSs) may act as defensive mechanisms, since they monitor network activities in order to detect malicious actions performed by intruders, and then initiate the appropriate countermeasures. IDS for MANETs have attracted much attention recently and thus, there are many publications that propose new IDS solutions or improvements to the existing. In this paper, we study the different existing IDS architectures for MANETs. We briefly present for each architecture, after an analysis, the strengths and weaknesses, the methods/techniques that have been proposed to improve the performances and the provided security services. Then, we propose a new IDS architecture for MANETs, this architecture is a combination model hierarchical based on clusters and cooperation model based on a multi-agent system (SMA). In this architecture, agents use a knowledge related to a global security ontology, it can be used to infer new detection rules.