Optimal combined intrusion detection and biometric-based continuous authentication in high security mobile ad hoc networks

Abstract

Two complementary classes of approaches exist to protect high security mobile ad hoc networks (MANETs), prevention-based approaches, such as authentication, and detection-based approaches, such as intrusion detection. Most previous work studies these two classes of issues separately. In this paper, we propose a framework of combining intrusion detection and continuous authentication in MANETs. In this framework, multimodal biometrics are used for continuous authentication, and intrusion detection is modeled as sensors to detect system security state. We formulate the whole system as a partially observed Markov decision process considering both system security requirements and resource constraints. We then use dynamic programming-based hidden Markov model scheduling algorithms to derive the optimal schemes for both intrusion detection and continuous authentication. Extensive simulations show the effectiveness of the proposed scheme.