Performance Analysis of Machine Learning-based Detection of Sinkhole Network Layer Attack in MANET

Abstract

This paper proposes an Intrusion Detection System (IDS) against Sinkhole attacks in Mobile Adhoc Networks (MANET) with mobile sinks. A sinkhole attack is where a hacked node advertises a false routing update to draw network traffic. One effect of a sinkhole attack is that it may be used to launch further attacks, such as drops or changed routing information. Sinkhole nodes attempt to forge the source–destination routes to attract the surrounding network traffic. For this purpose, they modify routing control packets to publish fake routing information that makes sinkhole nodes appear as the best path to some destinations. Several machine learning techniques, including Decision Tree (DT), K-Nearest Neighbor (KNN), Convolution neural network (CNN), and Support Vector Machine (SVM), are used to do the categorization. Furthermore, the MANET’s node’s characteristics, particularly speed, are used for feature extraction. Totally 3997 unique samples, including 256 malicious samples and 3604 normal samples are collected. The categorization results demonstrate the accuracy of DT, KNN, CNN, and SVM at 98.4%, 96.7%, 98.6%, and 97.8%, respectively. The CNN approach is more accurate than other methods, at 98.6%, based on the data. After that, Priority, SVM, KNN, and CNN, in that order, each denotes excellent accuracy.