Hybrid Cryptography Enhanced Adaptive Acknowledgment (HCEAACK) Intrusion Detection System

Abstract

A mobile Ad-hoc network (MANET) is a wireless network that does not rely on any fixed infrastructure (i.e., routing facilities, such as wired networks and access points), and whose nodes must coordinate among themselves to determine connectivity and routing. The traditional way of protecting networks is not directly applicable to MANETs. Many conventional security solutions are ineffective and inefficient for the highly dynamic and resource-constrained environments where MANETs use might be expected. Since prevention techniques are never enough, intrusion detection systems (IDSs), which monitor system activities and detect intrusions, are generally used to complement other security mechanisms. So, it is crucial to develop efficient intrusion-detection mechanisms to protect MANET from attacks. To provide high security for information on MANETs, Intrusion Detection Systems (especially that based on acknowledgment packets) used different types of cryptographic algorithms to protect the acknowledgment packets from attacks of intruder. These cryptographic algorithms are required to provide data security and user's authenticity. In this paper we proposed an intrusion-detection model to protect MANETs from attacks named Hybrid Cryptography Enhanced Adaptive Acknowledgment (HCEAACK) based on acknowledgment packets. In order to ensure the integrity and high level of security of the proposed model, acknowledgment packets encrypted and digitally signed by its sender before they are sent out and verified by its receiver until they are accepted, for this purpose we use hybrid cryptography Technique. This hybrid cryptography Technique has been used to detect hacking on the acknowledgment packets in intrusion detection systems like RSA hacking problem that appears in other pervious system. We used two algorithms to implement our Hybrid Cryptography technique, Advanced Encryption Standard (AES) algorithm and RSA algorithm. The two algorithms are cooperated to give more security to acknowledgment packets. The proposed model has been compared with other popular mechanisms like watchdog, Two Acknowledgment (Two-ACK), Adaptive Acknowledgment (AACK) and Enhanced Adapted Acknowledgment (EAACK) through simulation by Network Simulator NS 2.34. To evaluate the performance of IDS for existing and proposed technique we estimated the values of three performance metrics Packet delivery factor (PDF), Routing Overhead (OH) and Average end-to-end delay (D) in many scenarios. Compared to contemporary approaches, our proposed model demonstrates higher malicious-behavior-detection rates in certain circumstances while does not greatly affect the network performances.