A Novel Intrusion Detection System Based on Trust Evaluation to Defend Against DDoS Attack in MANET

Abstract

With the increasing demand of data communication in Internet and electronic commerce environments, security of the data is the prime concern. Large-scale collaborative wireless mobile ad hoc networks may face attacks and damages due to harsh behavior of the malicious nodes. To protect the systems from the intrusion of the attackers, security of the system has to be improvised. In researches involving the designing of the intrusion detection system (IDS), performance efficiency of the system is bound to be compromised. For an effective data communication process in the secured system, there is a need for better IDS without reducing the performance metrics. Intrusion detection is the progression of monitoring node movements and data transmission events that occur in a system for possible intrusions. Distributed denial of service (DDOS) attacks are the primary threat for security in the collaborative wireless Mobile Ad hoc networks. The attacks due to DDOS are much severe when compared to the non DDOS attacks. So proper preventive measures are necessary to detect and revoke such attacks. Our proposed approach involves trust-based evaluation wherein the intrusion detection is done using secured trust evaluation policies. In this paper, a novel IDS is designed using the trust evaluation metrics. This is used for the detection of the flooding DDOS attacks in the networked architecture. The proposed system combines the existing Firecol-based security procedures with Dynamic Growing Self-Organizing Tree Algorithm in the trust evaluation-based environment. Simulation results show that the Trust-based IDS is found to be better in terms of Security metrics viz. Detection probability and Performance metrics viz. Packet Data Ratio, Average Delay, Throughput and Energy Consumption.