The Research On Intrusion Detection System Architecture And Group Algorithm For IDS In Mobile Ad Hoc Network

With the rapid development of wireless communication technology as well as the improved performance of mobile terminal, more and more applications appear in military and civil for mobile ad hoc networks (MANET) have been widely used, and the requirements for security and reliability increase steadily. Differing from the wired network, MANET has the following inherent vulnerabilities: the open medium, dynamically changing network topology, and so on. Because of these, MANETs are more vulnerable to a large range of attacks than the wired networks are, and some security mechanisms applied in traditional wired networks such as authentication and encryption are not suitable for MANET any more. Therefore, the network security in MANET has become an interesting research topic.Since users and procedures are visible in open MANET, intrusion detection technology, as a positive protection, may check whether the network has been intruded through periodical intrusion detection and data interception, and take response to guarantee network security and survive network communication when an intrusion is confirmed. More and more researchers believe that intrusion detection technology may ensure the routing, communication and high-level application in MANET. Therefore, from the aspect of network security, the study on intrusion detection technology for mobile ad hoc network is very important.This paper will study on the intrusion detection system architectures and correlative key technology. It gives a thorough analysis on the inherent vulnerability of MANETs and security research in the field, then puts forward the group intrusion detection system architecture using mobile agent for mobile ad hoc network (GMAIDS-MANET). It could eliminate some disadvantages existed in other IDS architectures for MANET. Under such architecture, all mobile nodes with IDS in MANET can be divided into some sub-groups and carry out the effective intrusion mechanism, which performs distributed detection in whole and centralized decision-making at local. This architecture can reduce the computation and battery power of single node, and can also avoid the limitations due to the limited bandwidth and finite communication speed.Group structure is topological basic and precondition for the IDS architecture in MANET, since the group algorithm performance of the IDS directly affects the whole capability of IDS. This paper aims at the GMAIDS-MANET system architecture to work over grouping algorithm of IDS. Firstly, the paper designs a simulative method to realize grouping algorithms. Further on, it analyzes four kinds of grouping algorithms...