| Mobile Ad Hoc Networks are the collection of wireless computer, communicating among themselves over possible multi-hop paths, without the help of any infrastructure, such as base stations or access points. Nodes in mobile Ad Hoc network collaboratively contribute to routing functionality by forwarding packets for each other to allow nodes to communicate beyond direct wireless transmission range, hence practically all nodes may act as both hosts and routers. Mobile Ad Hoc networks require no centralized administration or fixed network infrastructure and can be quickly and inexpensively set up as needed. Mobile ad hoc networking has become an exciting and important technology in recent years because of the rapid proliferation of wireless devices.MANETs are much more vulnerable to attacks than wired traditional networks due to the open medium, dynamically changing network topology, cooperative algorithms, lack of centralized monitoring and management point, and lack of a clear line of defense.Intrusion prevention measures, such as authentication and encryption, can be used as the first line of defense against attacks in MANET. However, even if these prevention schemes can be implemented perfectly, they still cannot eliminate all attacks, especially the internal or insider attacks. For example, mobile nodes and their users can be captured and compromised. The attacker can then obtain the cryptographic keys. There are many other internal attack methods, including using worms and viruses that propagate within MANETs.Intrusion detection and response presents a second line of defense. We as researchers must focus on developing effective detection approaches. According to the characteristics of MANET, we need to develop a systematic approach for building detection models, identify attacking source to facilitate response actions, and design distributed and effcient IDS architecture.In this paper, we report our progress in developing intrusion detection capabilities for MANET. We address the run-time resource constraint problem using a cluster-based detection scheme and mobile Agent to implement intrusion detection, where periodically a node is elected as the ID Agent for a cluster. Compared with the scheme where each node is its own ID Agent, this scheme is much more efficient while maintaining the same level of effectiveness.The main contribution of our approach is:1. To optimize the security problem of MANET, a cooperative intrusion detection mechanism is proposed based on cluster architecture. We discuss the cooperative and communicable measures between clusters, then points out the arithmetic for cluster formation.The cluster-head nodes are dynamically elected, and overall network security is not entirely dependent on any particular node.2. The efficient distribution of mobile Agents with specific IDS tasks according to their functionality across a mobile ad hoc network. To restrict computation-intensive analysis of overall network security state to a few key nodes.We have conducted extensive experiments using the ns-2 and aglets environments to validate our research. The analysis of the example indicates that the application of cluster architecture and mobile Agent is superior to the traditional methods in the accuracy and the overload of intrusion detection. |
PDF Full Text Request