Anomaly-based Behavioral Detection in Mobile Ad-Hoc Networks

Abstract

Mobile Ad-Hoc networks (MANETs) have gained much attention thanks to their efficiency. However, they appear to be more susceptible to various attacks due to the open access medium and the dynamically changing network topology. Intrusion Detection Systems (IDS) represent an important line of defense against malicious behavior. In fact, they monitor network activities to detect any malicious attempt performed by intruders. IDS datasets show limitations in their evaluation of mobile networks since these datasets cover only wired networks. We recommend a new IDS dataset that reflects the characteristics of MANET. The main contribution turns around the integration of an IDS capable of detecting the majority of security attacks occurring in MANETs. We propose a novel approach in collecting the necessary data in order to build the behavioral Database called NetBigData, which contains normal behavior and attacks scenarios. As a matter of fact, we picked up the most common attack in mobile networks, which is Denial of Service (DoS). In this paper, we use an Anomaly-based technique to monitor traffic patterns, we have simulated four attacks out of three categories which are Packet Dropping, Routing Disruption, and Resource consumption attacks. To improve the quality of the collected data, we used data preprocessing techniques to take advantage from the best performance of our dataset. To automatically generate rules from the obtained data, we chose a Support Vector Machine (SVM) classifier. The obtained results show that the proposed anomaly-based IDS is effective in detecting the DoS type attacks with a high detection rate.