Wireless Networks

, Volume 9, Issue 5, pp 545–556 | Cite as

Intrusion Detection Techniques for Mobile Wireless Networks

  • Yongguang Zhang
  • Wenke Lee
  • Yi-An Huang


The rapid proliferation of wireless networks and mobile computing applications has changed the landscape of network security. The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective. We need to search for new architecture and mechanisms to protect the wireless networks and mobile computing application. In this paper, we examine the vulnerabilities of wireless networks and argue that we must include intrusion detection in the security architecture for mobile computing environment. We have developed such an architecture and evaluated a key mechanism in this architecture, anomaly detection for mobile ad-hoc network, through simulation experiments.

intrusion detection intrusion response cooperative detection anomaly detection mobile ad-hoc networks 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    J. Binkley, Authenticated ad hoc routing at the link layer for mobile systems, Technical Report 96-3, Portland State University, Computer Science (1996).Google Scholar
  2. [2]
    A. Boukerche and M.S.M.A. Notare, Neural fraud detection in mobile phone operations, in: Proceedings of the IPDPS 2000 Workshop, Cancun, Mexico, May 1–5 (2000) pp. 636–644.Google Scholar
  3. [3]
    J. Broch, D. Johnson and D. Maltz, The dynamic source routing protocol for mobile adhocnetworks, Internet Draft, draft-ietf-manetdsr-01.txt (December 1998).Google Scholar
  4. [4]
    W.W. Cohen, Fast effective rule induction, in: Proceedings of the 12th International Conference on Machine Learning (Morgan Kaufmann, San Mateo, CA, 1995) pp. 115–123.Google Scholar
  5. [5]
    T.M. Cover and J.A. Thomas, Elements of Information Theory (Wiley, New York, 1991).Google Scholar
  6. [6]
    K. Fall and E. Varadhan, The ns Manual 2000 (formerly ns Notes and Documentation).Google Scholar
  7. [7]
    S. Forrest, S.A. Hofmeyr, A. Somayaji and T.A. Longstaff, A sense of self for Unix processes, in: Proceedings of the 1996 IEEE Symposium on Security and Privacy, Los Alamitos, CA (IEEE Computer Society Press, New York, 1996) pp. 120–128.Google Scholar
  8. [8]
    R. Heady, G. Luger, A. Maccabe and M. Servilla, The architecture of a network level intrusion detection system, Technical Report, Computer Science Department, University of New Mexico (August 1990).Google Scholar
  9. [9]
    K. Ilgun, R.A. Kemmerer and P.A. Porras, State transition analysis: A rule-based intrusion detection approach, IEEE Transactions on Software Engineering 21(3) (1995) 181–199.Google Scholar
  10. [10]
    S. Jacobs and M.S. Corson, MANET authentication architecture, Internet Draft, draft-jacobs-imep-auth-arch-01.txt (February 1999) expired at 2000.Google Scholar
  11. [11]
    S. Jacobs, S. Glass, T. Hiller and C. Perkins, Mobile IP authentication, authorization, and accounting requirements, Request for Comments 2977, Internet Engineering Task Force (October 2000).Google Scholar
  12. [12]
    T. Joachims, Making Large-Scale SVM Learning Practical (MIT Press, Cambridge, MA, 1999) chapter 11.Google Scholar
  13. [13]
    D. Johnson, Routing in ad hoc networks of mobile hosts, in: Workshop on Mobile Computing Systems and Applications, Santa Cruz, CA (1994).Google Scholar
  14. [14]
    D.B. Johnson and D.A. Maltz, Dynamic source routing in ad hoc wireless networks, in: Mobile Computing, eds. T. Imielinski and H. Korth (Kluwer Academic, Dordrecht, 1996) pp. 153–181.Google Scholar
  15. [15]
    Y.-B. Ko and N.H. Vaidya, Location-aided routing (LAR) in mobile ad hoc networks, ACM/Baltzer Wireless Networks (WINET) 6(4) (2000), extended version of the MobiCom'98 paper.Google Scholar
  16. [16]
    S. Kumar and E.H. Spafford, A software architecture to support misuse intrusion detection, in: Proceedings of the 18th National Information Security Conference (1995) pp. 194–204.Google Scholar
  17. [17]
    W. Lee and S.J. Stolfo, Data mining approaches for intrusion detection, in: Proceedings of the 7th USENIX Security Symposium, San Antonio, TX (January 1998).Google Scholar
  18. [18]
    W. Lee, S J. Stolfo and K.W. Mok, A data mining framework for building intrusion detection models, in: Proceedings of the 1999 IEEE Symposium on Security and Privacy (May 1999).Google Scholar
  19. [19]
    T. Lunt, A. Tamaru, F. Gilham, R. Jagannathan, P. Neumann, H. Javitz, A. Valdes and T. Garvey, A real-time intrusion detection expert system (IDES) – final technical report, Technical Report, Computer Science Laboratory, SRI International, Menlo Park, CA (February 1992).Google Scholar
  20. [20]
    D.A. Maltz, J. Broch, J. Jetcheva and D.B. Johnson, The effects of ondemand behavior in routing protocols for multi-hop wireless ad hoc networks, IEEE Journal on Selected Areas in Communications 17(8) (1999) 1439–1453.Google Scholar
  21. [21]
    T. Mitchell, Machine Learning (McGraw-Hill, New York, 1997).Google Scholar
  22. [22]
    C. Perkins and P. Bhagwat, Highly dynamic destination-sequenced distance-vector routing (DSDV) for mobile computers, in: ACM SIGCOMM' 94 Conference on Communications Architectures, Protocols and Applications (1994) pp. 234–244.Google Scholar
  23. [23]
    C. Perkins and E. Royer, Ad-hoc on-demand distance vector routing, in: Proceedings of the 2nd IEEE Workshop on Mobile Computing Systems and Applications (February 1999) pp. 90–100.Google Scholar
  24. [24]
    M. Satyanarayanan, J.J. Kistler, L.B. Mummert, M.R. Ebling, P. Kumar and Q. Lu, Experiences with disconnected operation in a mobile environment, in: Proceedings of USENIX Symposium on Mobile and Location Independent Computing, Cambridge, MA (August 1993) pp. 11–28.Google Scholar
  25. [25]
    B.R. Smith, S. Murthy and J.J. Garcia-Luna-Aceves, Securing distancevector routing protocols, in: Proceedings of Internet Society Symposium on Network and Distributed System Security, San Diego, CA (February 1997) pp. 85–92.Google Scholar
  26. [26]
    L. Venkatraman, Secured routing protocol for ad-hoc networks, Master's Thesis, University of Cincinnati, OH (March 2000).Google Scholar
  27. [27]
    L. Zhou and Z.J. Haas, Securing ad hoc networks, IEEE Network 13(6) (1999) 24–30Google Scholar

Copyright information

© Kluwer Academic Publishers 2003

Authors and Affiliations

  • Yongguang Zhang
    • 1
  • Wenke Lee
    • 2
  • Yi-An Huang
    • 2
  1. 1.HRL Laboratories LLCMalibuUSA
  2. 2.College of ComputingGeorgia Institute of TechnologyUSA

Personalised recommendations