Abstract
In this paper we propose a prevention mechanism for distributed denial of service (DDoS) attacks in Mobile Ad hoc Networks (MANET) environment. Since MANETs are wireless, self-configuring networks with highly unpredictable node movement, the security provisioning represents one of the most sensitive issues. The presented approach relies on the investigation of widespread bandwidth attacks, with focus on Distributed Denial of Service (DDoS) attacks, which are extremely dangerous, hard to detect and challenging to prevent. DDoS represents a coordinated activity of a group of attackers aiming to prevent legitimate users the access to network resources. Intrusion prevention systems (IPS) are mainly considered as extensions of intrusion detection systems (IDS) with a purpose to actively prevent and block intrusions that are detected by IDS. The presented IPS model is based on the analysis of the forensic analysis report generated by IDS incorporated into the network security monitoring system. DOI: http://dx.doi.org/10.5755/j01.eee.20.6.7289
Highlights
Mobile ad hoc networks (MANET) are dynamic peer-topeer, self-configuring networks
We assume that the intruders were detected based on Flexible MANET Intrusion detection System (FMIDS) algorithm [10], which basically applies the forensic analysis methodology and retrieves the log file in maximum x iterations
IDSitx represents the specific intrusion detection systems (IDS) activity iteration, where in the case of the experiments presented in this paper x 1,.., 6 stands for six consecutive FMIDS iterations that are used for generation of the report
Summary
Mobile ad hoc networks (MANET) are dynamic peer-topeer, self-configuring networks. Their wireless nature, lack of central administration and inherent node mobility imply specific security requirements. For proper implementation and use of these networks, the imperative is to ensure the security and minimize the probability of the attacks occurrence [1]. In this paper the focus is on efficient use of the IDS report and its application for the preventive and responsive activities in MANET security provisioning. We have first provided an overview of the DDoS attacks in MANET, and set the requirements for digital evidence analysis by means of proper IDS solution. The Flexible MANET Prevention Algorithm (FMPA) has been proposed, and explained its interoperability with the used IDS solution. This paper has been partially financed by Serbian Ministry of Education, Science and Technical Development (Development Projects TR 32025 and TR 32037)
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
