A Fast Construction of Intrusion Relieved Communication Path based on Trust level and Heuristic Search

Abstract

Adhoc network is subjected to many malicious activities and security threatens because of its wide distribution and heterogeneous nature. Intrusion is one among such activities that comprise confidentiality, integrity or availability of resources. Numerous efforts have been made in the literature to detect intrusion in an Adhoc network, however less number of efforts have been put to construct an intrusion relieved network. In the previous work, we proposed a methodology to construct an intrusion relieved network based on trust level of every node. The methodology used Rotboost algorithm to estimate the trust level of every node in the upcoming instants. As the learning of Rotboost requires more time, we planned to incorporate a fast learning algorithm to improve the efficiency of the methodology. Moreover, this paper introduces an efficient heuristic search algorithm to find the shortest path instead Dijkstra algorithm. As Dijkstra is time consuming in determining shortest possible network paths, it ultimately affects the efficiency of constructing intrusion free path. Replacing Dijkstra by heuristic search algorithm can lead to better performance in terms of computational complexity and the intrusion free path can be constructed in an efficient way. Hence a modified architecture for intrusion detection and intrusion free path detection is constructed and simulated. The simulation results show that the modified architecture outperforms the conventional architecture in terms of intrusion detection rate, path costs and computational times. KeywordsHeuristic, Path Identifier, Fast learning, Rotboost intelligence 1. INTRODUCTIONnetwork is a group of temporary nodes that is competent of enthusiastically forming a momentary network without the support of any centralized unchanging infrastructure. Self- organized and adaptive are the most important features of an adhoc network. A rising number of security threats are exposed by the computer adhoc networks and internet. For network system, more responsive information is being stored as security and is becoming more and more important (1). With the constantly appearing new types of attacks, increasing stretchy and adaptive safety measures oriented approaches is a strict challenge (2) and also it is led to enlarge in cyber-attacks which require the need for a successful intrusion detection system (3). Anderson has introduced the idea of intrusion detection in 1980 (7), Intrusion is defined as any set of deed that challenge to compromise the integrity, confidentiality or availability of system resources (3)(4). By taking into account of the information source an IDS may be either host or network-based. A host-based IDS analyzes proceedings such as process identifiers and system calls, mainly associated to OS information. But, a network-based IDS analyzes network connected events: traffic volume, IP addresses, service ports, protocol usage, etc (6.3), (2). To intrusion detection model as described in (5) misuse detection model and Anomaly detection model are two approaches. Detection of intrusions that follow definite intrusion patterns is referred as misuse detection model. It is very much useful in detecting known attack patterns. Anomaly detection model refers to detection performed by detecting changes in the patterns of operation or performance of the system. Known and unknown attacks can be detected by it. Many data mining approaches like clustering and discovering association rules, have been applied to intrusion detection (8)