基于时间自动机的Ad hoc网络入侵检测

易平; 柳宁; 吴越

doi:10.3724/SP.J.1146.2008.00877

基于时间自动机的Ad hoc网络入侵检测

doi: 10.3724/SP.J.1146.2008.00877

基金项目:

国家863计划项目(2006AA01Z436，2007AA01Z452，2009AA01Z118)和上海市自然科学基金(09ZR1414900)资助课题

计量
- 文章访问数: 3316
- HTML全文浏览量: 94
- PDF下载量: 821
- 被引次数: 0
出版历程
- 收稿日期: 2008-07-11
- 修回日期: 2009-07-16
- 刊出日期: 2009-10-19

Intrusion Detection Based Timed Automata for Ad hoc Networks

摘要

摘要: 该文提出一种基于时间自动机分布式合作的入侵检测算法。首先，将整个网络分为子区域，每一区域随机选出簇头担任监视节点，负责本区域的入侵检测。其次，按照路由协议构筑节点正常行为和入侵行为的时间自动机，监视节点收集其邻居节点的行为信息，利用时间自动机分析节点的行为，识别入侵者。该算法不需要事先进行数据训练并能够实时检测入侵行为。最后，通过模拟实验证实了算法的有效性。
- 移动Ad hoc网络;路由协议;网络安全;入侵检测;时间自动机
Abstract: In this paper, a distributed intrusion detection approach is proposed based on timed automata. A cluster-based detection scheme is presented, where periodically a node is elected as the monitor node for a cluster. These monitor nodes can not only make local intrusion detection decisions, but also cooperatively take part in global intrusion detection. And then the timed automata is constructed by the way of manually abstracting the correct behaviours of the node according to the routing protocol of Dynamic Source Routing (DSR). The monitor nodes can verify every nodes behaviour by timed automata, and validly detect real-time attacks without signatures of intrusion or trained data. Compared with the architecture where each node is its own IDS agent, our approach is much more efficient while maintaining the same level of effectiveness.　Finally, the intrusion detection method is evaluated through simulation experiments.

HTML全文

参考文献(1)

易平, 蒋嶷川, 钟亦平, 等. 移动Ad hoc 网络安全综述[J]. 电子学报, 2005, 33(5): 893-899.Yi P, Jiang Y C, and Zhong Y P, et al.. A survey of securityfor mobile ad hoc networks [J]. Acta Electronica Sinica, 2005,33(5): 893-899.[2]Zhang Yong-guang and Lee Wenke. Intrusion detection inwireless Ad-hoc networks[C]. Proceedings of The SixthInternational Conference on Mobile Computing andNetworking (MobiCom 2000), Boston, MA, August, 2000:275-283.[3]Zhang Yong-guang and Lee Wenke. Intrusion DetectionTechniques for Mobile Wireless Networks. Mobile Networksand Applications, 2003, 9(5): 545-556.[4]Kachirski O and Guha R. Intrusion detection using mobileagents in wireless ad hoc networks. IEEE Workshop onKnowledge Media Networking (KMN02), Kyoto, Japan,2002: 153-158.[5]Puttini R S.[J].Percher J M, and M L, et al.. A modulararchitecture for distributed IDS in MANET[C]. Proceedingsof the 2003 International Conference on ComputationalScience and Its Applications (ICCSA 2003), Springer Verlag,LNCS 2668, San Diego, USA.2003,:-[6]Huang Yi-an and Lee Wenke. A cooperative intrusiondetection system for ad hoc networks[C]. 2003 ACMWorkshop on Security of Ad Hoc and Sensor Networks(SASN '03), Fairfax, VA, USA, October 31, 2003: 135-147.[7]Sun B, Wu K, and Pooch U W. Routing anomaly detection inmobile ad hoc networks[C]. Proceedings of 12thInternational Conference on Computer Communications andNetworks (ICCCN 03), Dallas, Texas, October 2003: 25-31.[8]Albers P, Camp O, Percher J M, and Jouga B, et al.. Securityin ad hoc Networks: a general intrusion detection architectureenhancing trust based approaches. Proceedings of the FirstInternational Workshop on Wireless Information Systems(WIS-2002), Ciudad Real, Spain, Apr. 2002: 1-12.[9]Bhargava S and Agrawal D P. Security Enhancements inAODV Protocol for Wireless Ad Hoc Networks[C]. VehicularTechnology Conference, 2001: 2143-2147.[10]Wang Wei-chao, Lu Yi, and Bhargava B K. On vulnerabilityand protection of ad hoc on-demand distance vectorprotocol[C]. Proceedings of 10th IEEE InternationalConference on Telecommunication (ICT), Papeete, FrenchPolynesia, 2003: 375-382.[11]Subhadrabandhu D, Sarkar S, and Anjum F. A frameworkfor misuse detection in ad hoc networksPart I[J].IEEEJournal on Selected Areas in Communications.2006, 24(2):274-289[12]Chinyang Henry Tseng, Tao Song, PoornimaBalasubramanyam, Calvin Ko, and Karl Levitt. ASpecification-Based Intrusion Detection Model for OLSR[C].RAID 2005, LNCS 3858, 2006: 330-350.

施引文献

资源附件(0)

访问统计