AN ARCHITECTURE FOR INTRUSION DETECTION AND ACTIVE RESPONSE USING AUTONOMOUS AGENTS IN MOBILE AD HOC NETWORKS

Ping yi, Shiyong Zhang, Yiping Zhong

Abstract

This paper focuses on investigating immunological principles in designing the multi-agent security architecture for intrusion detection and response in mobile ad hoc networks. In this approach, the immunity-based agents monitor the situation in the network. These agents can take appropriate actions according to the underlying security policies. Specifically, their activities are coordinated in a hierarchical fashion while sensing, communicating, decision and generating responses. Such an agent can learn and adapt to its environment dynamically and can detect both known and unknown intrusions. The proposed intrusion detection architecture is designed to be flexible, extendible, and adaptable that can perform real-time monitoring. This paper provides the conceptual view and a general framework of the proposed system. In the end, the architecture is illustrated by an example to show it can prevent the attack efficiently.

References

  1. S. Corson, J. Macker, 1999, Mobile ad hoc networking (MANET): Routing protocol performance issues and evaluation considerations, RFC 2501, January 1999
  2. Srdjan Capkun, Levente Nuttyan, Jean-Pierre Hubaux, 2003, Self-organized public-key management for mobile ad hoc networks, IEEE Transactions on Mobile Computing, 2(2003)1, 52-64
  3. Lidong Zhou, Zygmunt J. Haas, 1999, Securing ad hoc networks, IEEE Networks Special Issue on Network Security, 13(1999)6, 24-30
  4. P.Papadimitratos, Z.Haas, 2002, Secure routing for mobile ad hoc networks, in Proceedings of the SCS communication Networks and Distributed Systems Modeling and Simulation Conference, San Antonio, TX, January 27-31,2002
  5. Yih-Chun Hu, Adrian Perrig, David B. Johnson, 2002, Ariadne: A secure on-demand routing protocol for ad hoc networks, in Proceedings of the MobiCom 2002, Atlanta, Georgia, USA, September 23-28, 2002, 12-23
  6. Kimaya Sanzgiri, Bridget Dahill, Brian Neil Levine, Clay Shields, Elizabeth M. Belding-Royer, 2002, A secure routing protocol for ad hoc networks, in Proceedings of 2002 IEEE International Conference on Network Protocols (ICNP), Paris, France, November 12-15, 2002, 78-86
  7. Yih-Chun Hu, David B. Johnson, and Adrian Perrig, 2002, SEAD: Secure efficient distance vector routing for
  8. the 4th IEEE Workshop on Mobile Computing
  9. Systems & Applications (WMCSA 2002), Calicoon,
  10. NY, June 2002, 3-13
  11. Yongguang Zhang, Wenke Lee, 2003, Intrusion Detection Techniques for Mobile Wireless Networks, Wireless Networks, 9(2003)5, 545-556
  12. S. Forrest, S. Hofmeyr, and A. Somayaji, 1997, Computer Immunology, Communications of the ACM, 40(1997)10, 88-96
  13. S.Hofmeyr , S.Forrest , 1999, Immunity by design: An artificial immune system, In Proceedings of the Genetic and Evolutionary Computation Conference (GECCO), Morgan-Kaufmann, San Francisco, CA, 1999, 1289-1296
  14. S. Hofmeyr, S. Forrest, 2000, Architecture for an artificial immune system, Evolutionary Computation Journal 8(2000)4, 443-473
  15. S. Forrest, A.S. Perelson, L. Allen, R. Cherukuri, 1994, Self-nonself discrimination in a computer, In Proceedings of the 1994 IEEE Symposium on Security and Privacy, Oakland, CA, May 16 - 18, 1994, 202-214
  16. J.Kim, P. J.Bentley, 1999, Negative selection and niching by an artificial immune system for network intrusion detection, Genetic and Evolutionary Computation Conference (GECCO 7899), Orlando, Florida, July 13- 17,1999,149-158
  17. Dipankar Dasgupta, 1999, Immunity-based intrusion detection systems: A general framework, In the proceedings of the 22nd National Information Systems Security Conference (NISSC), Arlington, Virginia, USA, October 18-21, 1999,147-160
  18. Ping Yi, Yichuan Jiang , Yiping Zhong, Shiyong Zhang, 2005, Distributed Intrusion Detection for mobile ad hoc networks, The 2005 International Symposium on Applications and the Internet (SAINT2005), Trento, Italy, January 31 - February 4, 2005
Download


Paper Citation


in Harvard Style

yi P., Zhang S. and Zhong Y. (2005). AN ARCHITECTURE FOR INTRUSION DETECTION AND ACTIVE RESPONSE USING AUTONOMOUS AGENTS IN MOBILE AD HOC NETWORKS . In Proceedings of the Seventh International Conference on Enterprise Information Systems - Volume 4: ICEIS, ISBN 972-8865-19-8, pages 220-226. DOI: 10.5220/0002512902200226


in Bibtex Style

@conference{iceis05,
author={Ping yi and Shiyong Zhang and Yiping Zhong},
title={AN ARCHITECTURE FOR INTRUSION DETECTION AND ACTIVE RESPONSE USING AUTONOMOUS AGENTS IN MOBILE AD HOC NETWORKS},
booktitle={Proceedings of the Seventh International Conference on Enterprise Information Systems - Volume 4: ICEIS,},
year={2005},
pages={220-226},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002512902200226},
isbn={972-8865-19-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Seventh International Conference on Enterprise Information Systems - Volume 4: ICEIS,
TI - AN ARCHITECTURE FOR INTRUSION DETECTION AND ACTIVE RESPONSE USING AUTONOMOUS AGENTS IN MOBILE AD HOC NETWORKS
SN - 972-8865-19-8
AU - yi P.
AU - Zhang S.
AU - Zhong Y.
PY - 2005
SP - 220
EP - 226
DO - 10.5220/0002512902200226