09-05-2011, 10:05 AM
Cluster-based Cooperative Back Propagation Network Approach for Intrusion Detection in MANET
Abstract
Mobile ad-hoc networks (MANET) are particularlyvulnerable on account of its intrinsic characteristics of openmedium, dynamic topology, absence of central authorities,distributed cooperation and constrained capability. Thesevulnerabilities create significant challenges for routingprotocols operating in the entire network. In which, thereactive routing, i.e. AODV, bears the brunt of various kinds ofattacks. In this paper, we try to build an efficient defensesystem based on a cooperative scheme to detect intrusions inAODV-based ad hoc networks using clustering technique andBack Propagation Network (BPN). A clustering architectureprovides network scalability and fault tolerance, and results inmore efficient use of network resources. Back-propagationneural networks is used for the purpose of anomaly detectionand the feature is selected from the packets. The effectivenessof the proposed scheme is illustrated by means of extensivesimulations using NS-2 simulator. Specifically, the comparisonbetween BPN and finite state machine (FSM) is given.
Keywords- AODV, Reactive Routing, Clustering, NeuralNetworks, Information Security
I. INTRODUCTION
In MANET, because it doesn’t depend on infrastructure ofcommunication between nodes, mobile nodes can selforganize to finish the link and build up the communicationchannel. When two nodes are beyond Radio Range to buildup the communication with other nodes, the node whichbuilds up the communication will have the function of routeinstantly. It can establish an instant communication structurefor civilian and military applications. Unfortunately, themobility and radio broadcast medium make MANET veryvulnerable in malicious attacks. Under this structure,information security is particularly complicated andimportant. To assure communication security, route protocolprotective mechanism such as SAODV [10] and ARAN [7],through encryption and Authentication, are used to reinforcethe security of route, but this kind of secure route protocolcannot resist the internal attack. To take a simple example,under present wireless environment, exists a mobile nodewith the network’s public key and passes the authentication,but this node would still attack other nodes.From the explanation above, MANET can be consideredvery unsafe. As the result, some scholars suggested to buildan IDS to resist internal attack [1]. IDS can be said a secondprotection of defense for MANET security. For a wirelessnetwork that requires high stability and can defend attack, itis necessary to deploy IDS in every node or some nodesdevice, but IDS faces four challenges under MANET: (1) Itneeds to consider mobile node self organize and highmobility. (2) There is a certain transmission distance forevery mobile node, the transmission range of mobile nodemust be considered to be efficiently detected. (3) Mobilenode is limited in resource; it uses more energy andbandwidth when operating IDS. (4) There are not manydifferences between packer feature of malicious and normalnode which affects accuracy and causes false judgment whenIDS detects. The four points make the design of IDS moredifficult.Recently, many scholars make similar research likeanalyzed the feature of attack and provided several structuresof IDS, such as using Finite State Machine (FSM) to stopmalicious behavior. But FSM can only prevent known attack;it cannot guarantee the whole network security can beperformed to unknown attack. BPN [3] is a kind of feedforwardnetwork structure with supervised learning process,so it is suitable to predict unknown attack, and through theadaptability of machine learning characteristic, this canlargely promote accuracy with the changing of dynamictopology, node moving, radio signal and the changing ofconnection degree in MANET. Therefore, in this paper, weface of the challenge of IDS under MANET, use BPN todesign an IDS which is suitable for such environment, andlet IDS discern the feature of packet, find malicious node tosolve the problem that internal attack is difficult to prevent,and heighten the security of whole network, also use Off-linelearning to adjust weight and bias to reduce networkOverhead, and to promote whole detection efficiency.The remainder of the article is organized as follows. Insection 2 we will introduce the state of the research. Weproposed a method to describe IDS system in section 3. Insection 4, we will through stimulation experiment, evaluatethe way of the research and analyze the result. Finally, theconclusion is in section 5.
Download full report
http://doi.ieeecomputersociety10.1109/CIT.2010.288
Abstract
Mobile ad-hoc networks (MANET) are particularlyvulnerable on account of its intrinsic characteristics of openmedium, dynamic topology, absence of central authorities,distributed cooperation and constrained capability. Thesevulnerabilities create significant challenges for routingprotocols operating in the entire network. In which, thereactive routing, i.e. AODV, bears the brunt of various kinds ofattacks. In this paper, we try to build an efficient defensesystem based on a cooperative scheme to detect intrusions inAODV-based ad hoc networks using clustering technique andBack Propagation Network (BPN). A clustering architectureprovides network scalability and fault tolerance, and results inmore efficient use of network resources. Back-propagationneural networks is used for the purpose of anomaly detectionand the feature is selected from the packets. The effectivenessof the proposed scheme is illustrated by means of extensivesimulations using NS-2 simulator. Specifically, the comparisonbetween BPN and finite state machine (FSM) is given.
Keywords- AODV, Reactive Routing, Clustering, NeuralNetworks, Information Security
I. INTRODUCTION
In MANET, because it doesn’t depend on infrastructure ofcommunication between nodes, mobile nodes can selforganize to finish the link and build up the communicationchannel. When two nodes are beyond Radio Range to buildup the communication with other nodes, the node whichbuilds up the communication will have the function of routeinstantly. It can establish an instant communication structurefor civilian and military applications. Unfortunately, themobility and radio broadcast medium make MANET veryvulnerable in malicious attacks. Under this structure,information security is particularly complicated andimportant. To assure communication security, route protocolprotective mechanism such as SAODV [10] and ARAN [7],through encryption and Authentication, are used to reinforcethe security of route, but this kind of secure route protocolcannot resist the internal attack. To take a simple example,under present wireless environment, exists a mobile nodewith the network’s public key and passes the authentication,but this node would still attack other nodes.From the explanation above, MANET can be consideredvery unsafe. As the result, some scholars suggested to buildan IDS to resist internal attack [1]. IDS can be said a secondprotection of defense for MANET security. For a wirelessnetwork that requires high stability and can defend attack, itis necessary to deploy IDS in every node or some nodesdevice, but IDS faces four challenges under MANET: (1) Itneeds to consider mobile node self organize and highmobility. (2) There is a certain transmission distance forevery mobile node, the transmission range of mobile nodemust be considered to be efficiently detected. (3) Mobilenode is limited in resource; it uses more energy andbandwidth when operating IDS. (4) There are not manydifferences between packer feature of malicious and normalnode which affects accuracy and causes false judgment whenIDS detects. The four points make the design of IDS moredifficult.Recently, many scholars make similar research likeanalyzed the feature of attack and provided several structuresof IDS, such as using Finite State Machine (FSM) to stopmalicious behavior. But FSM can only prevent known attack;it cannot guarantee the whole network security can beperformed to unknown attack. BPN [3] is a kind of feedforwardnetwork structure with supervised learning process,so it is suitable to predict unknown attack, and through theadaptability of machine learning characteristic, this canlargely promote accuracy with the changing of dynamictopology, node moving, radio signal and the changing ofconnection degree in MANET. Therefore, in this paper, weface of the challenge of IDS under MANET, use BPN todesign an IDS which is suitable for such environment, andlet IDS discern the feature of packet, find malicious node tosolve the problem that internal attack is difficult to prevent,and heighten the security of whole network, also use Off-linelearning to adjust weight and bias to reduce networkOverhead, and to promote whole detection efficiency.The remainder of the article is organized as follows. Insection 2 we will introduce the state of the research. Weproposed a method to describe IDS system in section 3. Insection 4, we will through stimulation experiment, evaluatethe way of the research and analyze the result. Finally, theconclusion is in section 5.
Download full report
http://doi.ieeecomputersociety10.1109/CIT.2010.288