Effect of Intrusion Detection on Failure Time of Mission-Oriented Mobile Group Systems in Mobile Ad Hoc Networks

In this paper, we analyze the effect of intrusion detection system (IDS) techniques on failure time of a mission-oriented group communication system consisting of mobile groups set out for mission execution in mobile ad hoc networks. Unlike the common belief that IDS should be executed as often as possible to cope with insider attacks to prolong the system lifetime, we discover that IDS should be executed at an optimal rate in order to maximize the system lifetime. Further, the optimal rate at which IDS is executed depends on the operational conditions, system failure definitions, attacker behaviors, and IDS techniques used. We develop mathematical models based on stochastic petri nets to identify the optimal rate for IDS execution to maximize the mean time to security failure of the system, when given a set of parameter values characterizing the operational conditions and attacker behaviors.