Research And Simulation On Risk-evaluation Based Intrusion Response Mechanism In Hierarchical Ad Hoc Networks

As a kind of centreless, self-organized networks, Ad Hoc networks become a hotspot since they don't need the support of basic establishment in information networks, and they are suitable for battlefield, disaster, temporary session and so on. Meanwhile, Ad Hoc networks' unique characteristics make the security problems in Ad Hoc networks very serious. In order to improve the networks'scalability, Ad Hoc networks are showing a hierarchical trend. In the Ad Hoc networks with hierarchical architecture, the status of nodes are different, there are bottleneck nodes in the networks, these features make hierarchical Ad Hoc networks'security problems become more prominent.A risk-evaluation based intrusion response mechanism is proposed for the highlighted security problems in hierarchical Ad Hoc networks. The whole mechanism contains three parts, including risk-evaluation, decision-making support and decision-making and response. When the intrusion detection system finds attacks, risk-evaluation module evaluates the risk degree of routing attacks according to the network performance information obtained from intrusion detection system. Decision-making support module provides decision support for decision-making and response module by distinguishing nodes'type. Decision-making and response module contains two sub-modules:decision-making and response. Decision-making sub-module makes corresponding strategies for routing attacks based mainly on the result of risk evaluation module, as well as on the supplementary information from decision-making support module. Response sub-module limits the harm of routing attacks by a series of actions on grounds of the corresponding strategies, as soon as possible.To verify the validity of the security mechanism, NS-2 networks simulation tool is adopted to simulate the performance of risk-evaluation based intrusion response mechanism. Simulation results show that the mechanism proposed can select the appropriate response strategies according to the risk degree of routing attacks, which effectively maintains the networks'performance when faced with the threat of network attacks, it is fit for hierarchical Ad Hoc networks'characteristics and security needs.