A novel support vector machine based intrusion detection system for mobile ad hoc networks
- 1.5k Downloads
The performance of mobile ad hoc networks (MANETs) is significantly affected by the malicious nodes. One of the most common attacks in MANETs is denial of service (DoS); a type of intrusion specifically designed to target service integrity and availability of a certain network node. Hence, it is important to use an efficient intrusion detection system (IDS) that detects and removes the malicious nodes in the network to improve the performance by monitoring the network traffic continuously. The main contribution of this paper is the integration of an IDS into MANETs as a reliable and potent solution. A new approach to intrusion detection is developed based on support vector machine algorithm. The proposed IDS can detect the DoS type attacks at a high detection rate with a simple structure and short computing time. It is shown by extensive computer simulation that the proposed IDS improves the reliability of the network significantly by detecting and removing the malicious nodes in the system. The performance of the suggested approach is independent of the network routing protocol. The detection rate of the system is also not effected by node mobility and network size.
KeywordsSupport vector machines Denial of service Intrusion detection Mobile ad hoc networks Machine learning
The authors are grateful to the editor and the anonymous reviewers for their constructive comments and suggestions, which helped us to improve the manuscript.
- 1.Denko, M. K. (2005). Detection and prevention of denial of service (DoS) attacks in mobile ad hoc networks using reputation-based incentive scheme. Systemics, Cybernetics and Informatics, 3(4), 1–9.Google Scholar
- 10.Jhaveri, R. H., Patel, S. J., & Jinwala, D. C. (2012). DoS attacks in mobile ad hoc networks: A survey. In 2012 second international conference on advanced computing & communication technologies (pp. 535–541). IEEE. doi: 10.1109/ACCT.2012.48
- 13.Desilva, S., & Boppana, R. V. (2005). Mitigating malicious control packet floods in ad hoc networks. In IEEE wireless communications and networking conference, 2005 (Vol. 4, pp. 2112–2117). IEEE.Google Scholar
- 14.Mirkovic, J., Fahmy, S., Reiher, P., Thomas, R., Hussain, A., Schwab, S., & Ko, C. (2006). Measuring impact of DoS attacks. In Proceedings of the DETER community workshop on cyber security experimentation.Google Scholar
- 19.Mukkamala, S., & Sung, A. H. (2003). Detecting denial of service attacks using support vector machines. In The 12th IEEE international conference on fuzzy systems (Vol. 2, pp. 1231–1236). IEEE.Google Scholar
- 22.Şen, S., & Clark, J. A. (2009). Intrusion detection in mobile ad hoc networks (pp. 427–454). London: Springer.Google Scholar
- 23.Chen, H., & Lijin, L. (2012). Method and system for UDP flood attack detection. U.S. Patent No. 8,307,430. Washington, DC: U.S. Patent and Trademark Office.Google Scholar
- 24.Annamalai, A., & Yegnanarayanan, V. (2012). Secured system against DDoS attack in mobile adhoc network. WSEAS Transactions on Communications, 11(9), 331–341.Google Scholar
- 27.The Network Simulator - ns-2. http://www.isi.edu/nsnam/ns/