MSDAR: Multi-Stage Dynamic Architecture Intrusion Detection System

Abstract

Ad hoc networks have been through extensive research in the last decade. Even with their desirable characteristics, major issues related to their security need to be considered. Various security solutions have been proposed to reduce the risks of malicious actions. They mainly focus on key management, authentication, secure localization, and aggregation techniques. These techniques have been proposed to secure wireless communications but they can only deal with external threats. Therefore, they are considered the first line of defense. Intrusion detection systems are always required to safeguard ad hoc networks as such threats cannot be completely avoided. In this paper, we present a comprehensive survey on intrusion detection systems in ad hoc networks. The intrusion detection systems and components and taxonomy as well as different implementations and types of IDSs are studied and categorized. In addition, we provide a comparison between different Intrusion Detection Systems’ architectures. We also propose a Multi Stage Dynamic Architecture intrusion detection system (MSDAR), designed with a multi-stage detection approach making use of both signature-based and anomaly detection benefits. Our proposed intrusion detection system MSDAR is featured by its dynamic architecture as it can be deployed in the network using the Distributed Hierarchical Architecture. The viability and performance of the proposed system MSDAR are tested against the Distributed Denial of Service Attacks through simulations. Advanced performance parameters were used to evaluate the proposed scheme MSDAR. Experimental results have shown that the performance of MSDAR improves by using multiple stages of different detection mechanisms. In addition, based on simulations, the Detection Rate increases when the sensitivity level increases.