Mobile ad hoc networks (MANETs) are well known to be vulnerable to various attacks due to their lack of centralized control, and their dynamic topology and energy-constrained operation. Much research in securing MANETs has focused on proposals which detect and prevent a specific kind of attack such as sleep deprivation, black hole, grey hole, rushing or sybil attacks. In this paper we propose a generalized intrusion detection and prevention mechanism. We use a combination of anomaly-based and knowledge-based intrusion detection to secure MANETs from a wide variety of attacks. This approach also has the capability to detect new unforeseen attacks. Simulation results of a case study shows that our proposed mechanism can successfully detect attacks, including multiple simultaneous different attacks, and identify and isolate the intruders causing a variety of attacks, with an affordable network overhead. We also investigate the impact on the MANET performance of (a) the various attacks and (b) the type of intrusion response, and we demonstrate the need for an adaptive intrusion response.
This is a preview of subscription content, log in to check access.
Buy single article
Instant access to the full article PDF.
Price includes VAT for USA
Subscribe to journal
Immediate online access to all issues from 2019. Subscription will auto renew annually.
This is the net price. Taxes to be calculated in checkout.
Agarwal, K., & Wang, W. (2005). Statistical analysis of the impact of routing in MANETs base on real-time measurement. In Proceedings of IEEE ICCCN.
Cretu, F., Parekh, J., Wang, & Stolfo, J. (2006). Intrusion and anomaly detection model exchange for mobile ad-hoc networks. In Proceeding of IEEE consumer communication and networking conference 2006.
Hijazi, A., & Nasser, N. (2005). Using mobile agent for intrusion detection in wireless ad-hoc networks. In Proceeding of IEEE WCNC.
Hu, Y., Perrig, A., & Johnson, B. (2002). A secure on demand routing protocol for ad hoc networks. In Proceeding of MobiCom, Atlanta, Georgia, USA, September (pp. 23–28).
Hu, Y., Jhonson, B., & Perrig, A. (2003). SEAD: secure efficient distance vector routing for mobile wireless ad hoc networks. Ad Hoc Networks, 1, 175–192.
Hu, Y., Perrig, A., & Johnson, B. (2003). Rushing attack and defense in wireless ad hoc networks routing protocols. In Proceeding of 2nd ACM workshop on wireless security. New York: ACM Press.
Ilgun, K., Kemmerer, R. A., & Porras, P. A. (1995). State transition analysis: a rule based intrusion detection approach. IEEE Transactions on Software Engineering, 21(3), 181–199.
Jacquet, P., Muhlethaler, P., Clausen, T., Laouiti, A., & Viennot, L. (2001). Optimized link state routing protocol for ad hoc networks. In Proceeding of IEEE INMIC.
Jhonson, B., & Maltz, A. (1996). Dynamic source routing in ad hoc wireless networks. Mobile Computing Journal, 353, 153–181.
Jiang, H., & Wang, H. (2005). Markov chain based anomaly detection for wireless ad-hoc distribution power communication networks. In Proceedings of IEEE power engineering conference.
Joseph, J., Das, A., Seet, B., & Lee, B. (2008). CRADS: integrated cross layer approach for detecting routing attacks in MANETs. In Proceeding of IEEE WCNC.
KDD data set, 1999. http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html.
Kurosawa, S., & Jamalipour, A. (2007). Detecting blackhole attack on AODV-based mobile ad hoc networks by dynamic learning method. International Journal of Network Security, 5.
Li, Z., Das, A., & Zhou, J. (2005). Theoretical basis for intrusion detection. In IEEE workshop proceedings on information assurance and security, 15–17 June (pp. 184–192).
Nadeem, A., & Howarth, M. (2009). Adaptive intrusion detection & prevention of denial of service attacks in MANETs. In Proceeding of ACM 5th international wireless communication and mobile computing conference. Germany, June.
Nadeem, A., & Howarth, M. (2009). A generalized intrusion detection & prevention mechanism for securing MANETs. In Proceedings of IEEE international conference on ultra modern telecommunications & workshops, St. Petersburg, Russia.
Nuevo, J. (2004). A comprehensive GloMoSim tutorial. In INRS telecom.
Padilla, E., Aschenbruck, N., Martini, P., Jahnke, M., & Tolle, J. (2007). Detecting black hole attack in tactical MANETs using topology graph. In Proceeding of 32nd IEEE conference on local computer networks.
Perkins, E., & Royer, M. (1999). Ad hoc on demand distance vector routing. Sun Micro System Laboratories Advance Development Group. In Proceeding of IEEE MOBICOM (pp. 90–100).
Piro, C., Shields, C., & Levine, B. (2006). Detecting the sybil attack in mobile ad hoc networks. In Proceedings of IEEE international conference on security and privacy in communication networks.
Pirrete, M., & Brooks, R. (2006). The sleep deprivation attack in sensor networks: analysis and methods of defence. International Journal of Distributed Sensor Networks, 2(3), 267–287.
Sanzgiri, K., & Belding-Royer, M. (2002). A secure routing protocol for ad hoc networks. In Proceedings of 10th IEEE international conference on network protocol (ICNP’ 02).
Sen, J., Chandra, M., Harihara, S.G, Reddy, H., & Balamuralidhar, P. (2007). A mechanism for detection of gray hole attack in mobile ad hoc network. In Proceeding of IEEE ICICS.
Xiaopeng, G., & Wei, C. (2007). A novel grey hole attack detection scheme for mobile ad-hoc networks. In Proceeding of IFIP international conference on network & parallel computing.
Yi, P., Dai, Z., & Zhang, S. (2005). Resisting flooding attack in ad hoc networks. In Proceeding of IEEE conference on information technology: coding and computing, Vol. 2 (pp. 657–662).
Yu, W., & Ray, K. (2005). Defence against injecting traffic attack in cooperative ad hoc networks. In IEEE global telecommunication conference Globecom.
Zhang, Y., & Lee, W. (2000). Intrusion detection in wireless ad-hoc networks. In Proceeding of 6th ACM MOBICOM.
This is an extended version of our paper previously published at IEEE ICUMT, 2009.
About this article
Cite this article
Nadeem, A., Howarth, M. Protection of MANETs from a range of attacks using an intrusion detection and prevention system. Telecommun Syst 52, 2047–2058 (2013). https://doi.org/10.1007/s11235-011-9484-6
- Ad hoc network security
- Intrusion detection and prevention
- Secure routing