An Intrusion Detection Scheme for Wireless Mobile Ad hoc Networks based on DSDV Protocol
Wireless mobile ad-hoc networks (MANETs) have come into prominence due to potentially rapid and infrastructure-less deployment in military operations and also in emergency and disaster-relief situations. However, the unreliability of wireless links between nodes, possibility of mobile nodes being captured or compromised, break down of cooperative algorithms, all lead to increased vulnerability. No matter how supposedly secure a system is, unrelenting attackers eventually succeed in infiltrating it. This underscores the need to monitor what is taking place in a system and look for suspicious behavior. An Intrusion Detection System (IDS) does just that: monitors audit data, looks for intrusions in the system, and initiates a proper response. Bandwidth constraints of MANETs necessitate the need for efficiency of any security scheme in order to prevent the overloading of the network.
In this thesis, we have proposed an effective and efficient IDS for MANETs that aims to combine misuse detection with anomaly detection. Experimental validation has provided significant results about not only the accuracy and robustness of the scheme but also the non-degradability of network performance upon induction of our security scheme. It is not affected by factors such as node density, node mobility, traffic load and percentage of malicious nodes. On an average, our IDS, implemented using Destination-Sequenced Distance-Vector (DSDV) protocol, detects intrusions with an accuracy of over 90% and is generally insensitive to false alarms. Moreover, performance metrics such as end-to-end delay, packet delivery ratio and normalized routing load are only marginally affected (about 2% decrease in performance).