Skip to main content
SpringerLink
Log in

Cost-Sensitive Intrusion Responses for Mobile Ad Hoc Networks

  • Conference paper
Recent Advances in Intrusion Detection (RAID 2007)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4637))

Included in the following conference series:

Abstract

This paper addresses how to perform cost-sensitive responses to routing attacks on Mobile Ad Hoc Networks (MANET). There have been numerous research efforts on securing MANET protocols using cryptography or intrusion detection techniques. However, few writings have addressed MANET intrusion response. Most research on automated response for wired networks focuses on how to select the best response action to improve the security posture and availability of the system in a cost effective manner. We borrow this cost sensitive concept and develop a cost model for MANET. Two indices, Topology Dependency Index (TDI) and Attack Damage Index (ADI), are developed to reflect the response cost and attack damage, respectively. TDI measures the positional relationship between nodes and the attacker, and ADI represents the routing damage caused by the attacker. Response cost, routing damage brought by the isolation response, can be calculated from TDI. Comparing TDI with ADI helps the response agents (“RA”) to perform Adaptive Isolation while maintaining good network throughput. The simulation results show that launching adaptive isolations according to the comparison of TDI and ADI gives better network throughput than direct isolation. Therefore, the main contribution of our solution is to keep network connectivity when launching isolation responses and to do so such that good quality of network routing services is maintained.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Clausen, T.T., Jacquet, P.: Optimized link state routing protocol (OLSR). IETF RFC3626

    Google Scholar 

  2. Perkins, C., Belding-Royer, E., Das, S.: Ad hoc on-demand distance vector (AODV) routing. IETF RFC 3561

    Google Scholar 

  3. Ogier, R., Templin, F., Lewis, M.: Topology Dissemination Based on Reverse-Path Forwarding (TBRPF). IETF RFC3684

    Google Scholar 

  4. Tseng, C.H., Wang, S.-H., Ko, C., Levitt, K.: DEMEM: Distributed Evidence-Driven Message Exchange Intrusion Detection Model For MANET. In: Zamboni, D., Kruegel, C. (eds.) RAID 2006. LNCS, vol. 4219, Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  5. Tseng, C.H., Song, T., Balasubramanyam, P., Ko, C., Levitt, K.: A Specification-based Intrusion Detection Model for OLSR. In: Valdes, A., Zamboni, D. (eds.) RAID 2005. LNCS, vol. 3858, Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  6. Tseng, C., Balasubramanyam, P., Ko, C., Limprasittiporn, R., Rowe, J., Levitt, K.: A Specification-Based Intrusion Detection System For AODV. In: Proceedings of the ACM Workshop on Security in Ad Hoc and Sensor Networks (SASN 2003) (October 2003)

    Google Scholar 

  7. Ning, P., Sun, K.: How to Misuse AODV: A Case Study of Insider Attacks against Mobile Adhoc Routing Protocols. In: Proceedings of the 4th Annual IEEE Information Assurance Workshop, West Point, June 2003, pp. 60–67. IEEE Computer Society Press, Los Alamitos (2003)

    Google Scholar 

  8. Buchegger, S., Le Boudec, J.-Y.: Performance Analysis of the CONFIDANT Protocol (Cooperation Of Nodes: Fairness In Dynamic Ad-hoc NeTworks). In: Proceedings of the 3rd ACM international symposium on Mobile ad hoc networking & computing, Lausanne, Switzerland, June 2002, ACM Press, New York (2002)

    Google Scholar 

  9. Zhang, Y., Lee, W.: Intrusion Detection in Wireless Ad-Hoc Networks. In: Proceedings of The Sixth International Conference on Mobile Computing and Networking (MobiCom 2000), Boston, MA (August 2000)

    Google Scholar 

  10. Huang, Y.-a., Lee, W.: A cooperative intrusion detection system for ad hoc networks. In: Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks, October 2003, ACM Press, New York (2003)

    Google Scholar 

  11. Wang, S.-H., Tseng, C.H., Ko, C., Gertz, M., Levitt, K.: A general automatic response model for MANET. In: Proceeding of First IEEE International Workshop on Next Generation Wireless Networks, December 2005, IEEE Computer Society Press, Los Alamitos (2005)

    Google Scholar 

  12. Tseng, C.H., Wang, S.-H., Levitt, K.: DRETA: Distributed Routing Evidence Tracing and Authentication intrusion detection Model for MANET. In: ASIACCS 2007 (2007)

    Google Scholar 

  13. Yi, S., Naldurg, P., Kravets, R.: Security-aware routing protocol for wireless ad hoc networks. In: Proceeding of ACM MobiHoc 2001 (October 2001)

    Google Scholar 

  14. Zhou, L., Haas, Z.J.: Securing ad hoc networks. IEEE Network 13(6), 24–30 (1999)

    Article  Google Scholar 

  15. Sanzgiri, K., Dahill, B., Levine, B.N., Shields, C., Belding-Royer, E.M.: A secure routing protocol for ad hoc networks. In: Proceeding of the Tenth IEEE International Conference on Network Protocols, IEEE Computer Society Press, Los Alamitos (2002)

    Google Scholar 

  16. Balepin, I., Maltsev, S., Rowe, J., Levitt, K.: Using Specification-Based Intrusion Detection for Automated Response. In: Vigna, G., Krügel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol. 2820, Springer, Heidelberg (2003)

    Google Scholar 

  17. Tylutki, M., Levitt, K.N.: Mitigating Distributed Denial of Service Attacks Using a Proportional-Integral-Derivative Controller. In: Vigna, G., Krügel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol. 2820, Springer, Heidelberg (2003)

    Google Scholar 

  18. Toth, T., Kruegel, C.: Evaluating the impact of automated intrusion response mechanisms. In: 18th Annual Computer Security Applications Conference, Las Vegas, Nevada (December 9-13, 2002)

    Google Scholar 

  19. Prasant, M., Srikanth, K. (eds.): Ad Hoc Networks: Technologies and Protocols (2004)

    Google Scholar 

  20. Hu, Y.-C., Perrig, A., Johnson, D.B.: A Secure On-Demand Routing Protocol for Ad Hoc Networks. In: The 8th ACM International Conference on Mobile Computing and Networking, September 2002, ACM Press, New York (2002)

    Google Scholar 

  21. Canetti, P.R., Tygar, D., Song, D.: The TESLA broadcast authentication protocol. Cryptobytes (RSA Laboratories, Summer/Fall 2002) 5(2), 2–13 (2002)

    Google Scholar 

  22. White, G., Fisch, E., Pooch, U.: Cooperating security managers: A peer-based intrusion detection system. IEEE Network 10, 20–23 (1996)

    Article  Google Scholar 

  23. Porras, P., Neumann, P.: EMERALD: event monitoring enabling responses to anomalous live disturbances. In: Proceedings of the 1997 National Information Systems Security Conference (1997)

    Google Scholar 

  24. Toth, T., Kruegel, C.: Evaluating the impact of automated intrusion response mechanisms. In: 18th Annual Computer Security Applications Conference, Las Vegas, Nevada (December 9-13, 2002)

    Google Scholar 

  25. Nuevo, J.: A Comprehensible GloMoSim Tutorial (March 2004)

    Google Scholar 

  26. He, Q., Wu, D., Khosla, P.: SORI: A Secure and Objective Reputation-based Incentive Scheme for Ad-hoc Networks (2004)

    Google Scholar 

  27. Buchegger, S., Le Boudec, J.-Y.: Performance Analysis of the CONFIDANT Protocol Cooperation Of Nodes - Fairness In Dynamic Ad-hoc NeTworks. In: Proceedings of MobiHoc 2002, Lausanne (June 2002)

    Google Scholar 

  28. Buchegger, S., Le Boudee, J.-Y.: Self-Policing Mobile Ad Hoc Networks by Reputation Systems. IEEE Communications Magazine 43(7), 101–107 (2005)

    Article  Google Scholar 

  29. Lindsay, S.Y., Wei, Y., Zhu, H., Liu, K.J.R.: Information Theoretic Framework of Trust Modeling and Evaluation for Ad Hoc Networks. IEEE Journal on Selected Areas in Communications 24(2), 305–317 (2006)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Security Laboratory, University of California, Davis, CA, 95616, USA

    Shiau-Huey Wang, Chinyang Henry Tseng, Karl Levitt & Matthew Bishop

Authors
  1. Shiau-Huey Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Chinyang Henry Tseng
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Karl Levitt
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Matthew Bishop
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Christopher Kruegel Richard Lippmann Andrew Clark

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wang, SH., Tseng, C.H., Levitt, K., Bishop, M. (2007). Cost-Sensitive Intrusion Responses for Mobile Ad Hoc Networks. In: Kruegel, C., Lippmann, R., Clark, A. (eds) Recent Advances in Intrusion Detection. RAID 2007. Lecture Notes in Computer Science, vol 4637. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74320-0_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-74320-0_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-74319-4

  • Online ISBN: 978-3-540-74320-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation