Distributed Algorithms for the Creation of a New Distributed IDS in MANETs

Abstract

A great effort for the development of new communication technologies has been witnessed in the last decade. Among these new technologies are the Mobile Ad Hoc networks (MANETs), which form highly dynamic environments without the presence of concentrator units. As this new technology depends upon the cooperation of his entities for transmission and routing, any malicious or faulty node can spoil all the communication in these environments. Intrusion detection systems (IDS) have been applied as a possible solution. However, the proposed IDSs do not tolerate the presence of malicious or faulty nodes among the IDS nodes. Most of the studies in the literature does not employ the use of cryptographic mechanisms in the communication of IDS nodes, even if this communication depends on the cooperation of nodes that do not belong to the IDS. In this paper we propose a set of distributed algorithms for an IDS model that can support the presence, up to a established threshold, of malicious or faulty nodes at any IDS level. We employ distributed systems and fault tolerance techniques together with cryptographic mechanisms to detect and punish malicious or faulty nodes. We describe the proposed model, making a comparison with major efforts in the literature on distributed intrusion detection systems for MANETs and present the results of tests obtained with an implementation of the proposed model.KeywordsNode MobilityIntrusion DetectionTransmission TimeIntrusion Detection SystemMalicious NodeThese keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.