Abstract
The performance of mobile ad hoc networks (MANETs) is significantly affected by the malicious nodes. One of the most common attacks in MANETs is denial of service (DoS); a type of intrusion specifically designed to target service integrity and availability of a certain network node. Hence, it is important to use an efficient intrusion detection system (IDS) that detects and removes the malicious nodes in the network to improve the performance by monitoring the network traffic continuously. The main contribution of this paper is the integration of an IDS into MANETs as a reliable and potent solution. A new approach to intrusion detection is developed based on support vector machine algorithm. The proposed IDS can detect the DoS type attacks at a high detection rate with a simple structure and short computing time. It is shown by extensive computer simulation that the proposed IDS improves the reliability of the network significantly by detecting and removing the malicious nodes in the system. The performance of the suggested approach is independent of the network routing protocol. The detection rate of the system is also not effected by node mobility and network size.
Similar content being viewed by others
References
Denko, M. K. (2005). Detection and prevention of denial of service (DoS) attacks in mobile ad hoc networks using reputation-based incentive scheme. Systemics, Cybernetics and Informatics, 3(4), 1–9.
Di Pietro, R., Guarino, S., Verde, N. V., & Domingo-Ferrer, J. (2014). Security in wireless ad-hoc networks—A survey. Computer Communications, 51, 1–20. doi:10.1016/j.comcom.2014.06.003.
Nadeem, A., & Howarth, M. P. (2013). A survey of MANET intrusion detection & prevention approaches for network layer attacks. IEEE Communications Surveys & Tutorials, 15(4), 2027–2045.
Kannhavong, B., Nakayama, H., Nemoto, Y., Kato, N., & Jamalipour, A. (2007). A survey of routing attacks in mobile ad hoc networks. IEEE Wireless Communications, 14(5), 85–91.
Amudhavel, J., Brindha, V., Anantharaj, B., Karthikeyan, P., Bhuvaneswari, B., Vasanthi, M., et al. (2016). A survey on intrusion detection system: State of the art review. Indian Journal of Science and Technology, 9(11), 1–9. doi:10.17485/ijst/2016/v9i11/89264.
Zargar, S. T., Joshi, J., & Tipper, D. (2013). A survey of defense mechanisms against distributed denial of service (DDOS) flooding attacks. IEEE Communications Surveys and Tutorials, 15(4), 2046–2069. doi:10.1109/SURV.2013.031413.00127.
Schweitzer, N., Stulman, A., Shabtai, A., & Margalit, R. D. (2016). Mitigating denial of service attacks in OLSR protocol using fictitious nodes. IEEE Transactions on Mobile Computing, 15(1), 163–172.
Ahmed, M. N., Abdullah, A. H., & Kaiwartya, O. (2016). FSM-F: Finite state machine based framework for denial of service and intrusion detection in MANET. PLoS ONE, 11(6), e0156885. doi:10.1371/journal.pone.015688.
Poongodi, M., & Bose, S. (2015). A novel intrusion detection system based on trust evaluation to defend against DDoS attack in MANET. Arabian Journal for Science and Engineering, 40(12), 3583–3594. doi:10.1007/s13369-015-1822-7.
Jhaveri, R. H., Patel, S. J., & Jinwala, D. C. (2012). DoS attacks in mobile ad hoc networks: A survey. In 2012 second international conference on advanced computing & communication technologies (pp. 535–541). IEEE. doi:10.1109/ACCT.2012.48
Sundararajan, T. V. P., Ramesh, S. M., Maheswar, R., & Deepak, K. R. (2014). Biologically inspired artificial intrusion detection system for detecting wormhole attack in MANET. Wireless Networks, 20(4), 563–578.
Chhabra, M., & Gupta, B. B. (2014). An efficient scheme to prevent DDoS flooding attacks in mobile ad-hoc network (MANET). Research Journal of Applied Sciences, Engineering and Technology, 7(10), 2033–2039.
Desilva, S., & Boppana, R. V. (2005). Mitigating malicious control packet floods in ad hoc networks. In IEEE wireless communications and networking conference, 2005 (Vol. 4, pp. 2112–2117). IEEE.
Mirkovic, J., Fahmy, S., Reiher, P., Thomas, R., Hussain, A., Schwab, S., & Ko, C. (2006). Measuring impact of DoS attacks. In Proceedings of the DETER community workshop on cyber security experimentation.
Butun, I., Morgera, S. D., & Sankar, R. (2014). A survey of intrusion detection systems in wireless sensor networks. IEEE Communications Surveys & Tutorials, 16(1), 266–282.
Kumar, S., & Dutta, K. (2016). Intrusion detection in mobile ad hoc networks: Techniques, systems, and future challenges. Security and Communication Networks, 9(14), 2484–2556. doi:10.1002/sec.1484.
Akilarasu, G., & Shalinie, S. M. (2016). Wormhole-free routing and DoS attack defense in wireless mesh networks. Wireless Networks. doi:10.1007/s11276-016-1240-0.
Jin, X., Zhang, Y., Pan, Y., & Zhou, Y. (2006). ZSBT: A novel algorithm for tracing DoS attackers in MANETs. EURASIP Journal on Wireless Communications and Networking, 2006(2), 1–9. doi:10.1155/WCN/2006/96157.
Mukkamala, S., & Sung, A. H. (2003). Detecting denial of service attacks using support vector machines. In The 12th IEEE international conference on fuzzy systems (Vol. 2, pp. 1231–1236). IEEE.
Devi, P., & Kannammal, A. (2016). An integrated intelligent paradigm to detect DDoS attack in mobile ad hoc networks. International Journal of Embedded Systems, 8(1), 69–77.
Marimuthu, M., & Krishnamurthi, I. (2013). Enhanced OLSR for defense against DOS attack in ad hoc networks. Journal of Communications and Networks, 15(1), 31–37. doi:10.1109/JCN.2013.000007.
Şen, S., & Clark, J. A. (2009). Intrusion detection in mobile ad hoc networks (pp. 427–454). London: Springer.
Chen, H., & Lijin, L. (2012). Method and system for UDP flood attack detection. U.S. Patent No. 8,307,430. Washington, DC: U.S. Patent and Trademark Office.
Annamalai, A., & Yegnanarayanan, V. (2012). Secured system against DDoS attack in mobile adhoc network. WSEAS Transactions on Communications, 11(9), 331–341.
Nishani, L., & Biba, M. (2016). Machine learning for intrusion detection in MANET: A state-of-the-art survey. Journal of Intelligent Information Systems, 46(2), 391–407.
Peng, S., Hu, Q., Chen, Y., & Dang, J. (2014). Improved support vector machine algorithm for heterogeneous data. Pattern Recognition, 48(6), 2072–2083. doi:10.1016/j.patcog.2014.12.015.
The Network Simulator - ns-2. http://www.isi.edu/nsnam/ns/
Guns, R., Lioma, C., & Larsen, B. (2012). The tipping point: F-score as a function of the number of retrieved items. Information Processing and Management, 48(6), 1171–1180. doi:10.1016/j.ipm.2012.02.009.
Acknowledgements
The authors are grateful to the editor and the anonymous reviewers for their constructive comments and suggestions, which helped us to improve the manuscript.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Shams, E.A., Rizaner, A. A novel support vector machine based intrusion detection system for mobile ad hoc networks. Wireless Netw 24, 1821–1829 (2018). https://doi.org/10.1007/s11276-016-1439-0
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11276-016-1439-0