A Good IDS Response Protocol of MANET Containment Strategies

Bo-Chao CHENG  Huan CHEN  Ryh-Yuh TSENG  

IEICE TRANSACTIONS on Communications   Vol.E91-B    No.11    pp.3657-3666
Publication Date: 2008/11/01
Online ISSN: 1745-1345
DOI: 10.1093/ietcom/e91-b.11.3657
Print ISSN: 0916-8516
Type of Manuscript: PAPER
Category: Network
MANET,  network security,  IDS response,  T-cell,  AODV,  

Full Text: PDF>>
Buy this Article

Much recent research concentrates on designing an Intrusion Detection System (IDS) to detect the misbehaviors of the malicious node in MANET with ad-hoc and mobility natures. However, without rapid and appropriate IDS response mechanisms performing follow-up management services, even the best IDS cannot achieve the desired primary goal of the incident response. A competent containment strategy is needed to limit the extent of an attack in the Incident Response Life Cycle. Inspired by the T-cell mechanisms in the human immune system, we propose an efficient MANET IDS response protocol (T-SecAODV) that can rapidly and accurately disseminate alerts of the malicious node attacks to other nodes so as to modify their AODV routing tables to isolate the malicious nodes. Simulations are conducted by the network simulator (Qualnet), and the experiment results indicate that T-SecAODV is able to spread alerts steadily while greatly reduce faulty rumors under simultaneous multiple malicious node attacks.