A Mobile ad hoc network is a collection of nodes that is connected through a wireless medium forming rapidly changing topologies. Mobile ad hoc networks are vulnerable due to its fundamental characteristics such as open medium, dynamic topology, distributed co-operation and constrained capability. Real time Intrusion detection architecture for ad hoc networks has been proposed for detecting the attacks in mobile ad hoc networks. The main problem with this approach is that the detection mechanism process relies on a state based misuse detection system. In this case every node needs to run in the IDS agent. This approach does not make use of a distributed architecture to detect attacks that require more than one hop information. In this paper we propose an Efficient ID, a novel architecture that is used to detect active attacks against A0DV protocol in mobile ad hoc networks. Our architecture involves the use of Finite State Machines for specifying AODV routing behavior and distributed network monitors for detecting the attacks. Our methods can detect the attacks that require more than one hop information. We compared the EID Architecture against RID architecture against percentage of detecting the attacks both in static and dynamic case. We have developed a prototype that was evaluated in AODV enabled networks using the network simulator (ns-2).
展开▼
