Providence, Rhode Island
May 19, 2003 to May 22, 2003
Yi-an Huang , Georgia Institute of Technology
Wei Fan , IBM T. J. Watson Research
Wenke Lee , Georgia Institute of Technology
Philip S. Yu , IBM T. J. Watson Research
With the proliferation of wireless devices, mobile ad-hoc networking (MANET) has become a very exciting and important technology. However, MANET is more vulnerable than wired networking. Existing security mechanisms designed for wired networks have to be redesigned in this new environment. In this paper, we discuss the problem of intrusion detection in MANET. The focus of our research is on techniques for automatically constructing anomaly detection models that are capable of detecting new (or unseen) attacks. We introduce a new data mining method that performs "cross-feature analysis" to capture the inter-feature correlation patterns in normal traffic. These patterns can be used as normal profiles to detect deviation (or anomalies) caused by attacks. We have implemented our method on a few well known ad-hoc routing protocols, namely, Dynamic Source Routing (DSR) and Ad-hoc On-Demand Distance Vector (AODV), and have conducted extensive experiments on the ns-2 simulator. The results show that the anomaly detection models automatically computed using our data mining method can effectively detect anomalies caused by typical routing intrusions.
Yi-an Huang, Wei Fan, Wenke Lee, Philip S. Yu, "Cross-Feature Analysis for Detecting Ad-Hoc Routing Anomalies", ICDCS, 2003, 2013 IEEE 33rd International Conference on Distributed Computing Systems, 2013 IEEE 33rd International Conference on Distributed Computing Systems 2003, pp. 478, doi:10.1109/ICDCS.2003.1203498