Intrusion Detection System for Mobile Ad hoc Networks Based on the Behavior of Nodes
International Journal of Grid and Distributed Computing
A Mobile Ad hoc Network (MANET) can be defined as a network of mobile nodes that communicate over the wireless radio communication channel. It is also defined as a network without any underlying infrastructure and offers unrestricted mobility. Due to their open nature and lack of infrastructure, security for MANETs has become an intricate problem. To transmit data over such a network, generally any routing protocol that enables dynamic, selfstarting multi hop routing between mobile nodes is
... . However these routing protocols are vulnerable to various kinds of attacks. The conventional security mechanisms of protecting a network are not sufficient for these networks. Hence a second level of defense to detect and respond to the security problem called an Intrusion Detection System (IDS) is required. An IDS based on anomaly based intrusion detection that works by checking the behavior of the nodes was proposed to overcome some of the attacks like blackhole, grayhole and flooding attacks. Generally the malicious nodes demonstrate a different behavioral pattern of all the other normal nodes. So the specified approach where a Data Transmission Quality (DTQ) function is used to determine the behavior of the nodes as malicious or legitimate is used. The DTQ function is defined in such a way that it will be close to a constant or keep changing smoothly for genuine nodes and will keep on diminishing for malicious nodes. The proposed method was implemented using AODV as the routing protocol for transmitting data. The evaluation results show that the performance of the AODV protocol under attacks has improved significantly by using the proposed approach.