Title :
Log-based intrusion detection for MANET
Author :
Alattar, Mouhannad ; Sailhan, Françoise ; Bourgeois, Julien
Author_Institution :
LIFC, Univ. of Franche-Comte, Montbéliard, France
Abstract :
Ad hoc networks operate mostly over open environments and are hence vulnerable to a large number of threats. This calls for providing advanced intrusion detection. To meet this requirement, we introduce IDAR, a signature- and log-based distributed intrusion detector dedicated to ad hoc routing protocols. Contrary to existing systems that observe packets, IDAR analyses the logs generated by the OLSR protocol and identifies patterns of misuse. This detector copes with the resource constraints of devices by providing distributed detection. In particular, depending on the level of suspicion/gravity involved, in-depth cooperative investigation is launched. Simulation shows limited bandwidth usage, high detection and low false positives.
Keywords :
mobile ad hoc networks; routing protocols; security of data; telecommunication security; IDAR; MANET; OLSR protocol; ad hoc networks; ad hoc routing protocols; advanced intrusion detection; bandwidth usage; log based distributed intrusion detector; log based intrusion detection; Intrusion detection; Routing; Topology; MANETs; misuse
Conference_Title :
Wireless Communications and Mobile Computing Conference (IWCMC), 2012 8th International
Conference_Location :
Limassol
Print_ISBN :
978-1-4577-1378-1
DOI :
10.1109/IWCMC.2012.6314289