loading
Papers

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Marianne Azer 1 ; Sherif El-Kassas 2 and Magdy El-Soudani 3

Affiliations: 1 National Telecommunication Institute, Egypt ; 2 American University in Cairo, Egypt ; 3 Faculty of Engineerin, Cairo University, Egypt

ISBN: 978-972-8865-63-4

Keyword(s): Anomaly detection, attack graphs, intrusion detection, security in ad hoc networks.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Intrusion Detection & Prevention

Abstract: Ad hoc networks have lots of applications; however, a vital problem concerning their security aspects must be solved in order to realize these applications. Hence, there is a strong need for intrusion detection as a frontline security research area for ad hoc networks security. Among intrusion detection techniques, anomaly detection is advantageous since it does not need to store and regularly update profiles of known attacks. In addition the intrusion detection is not limited to the stored attack profiles, which allows the detection of new attacks. Therefore, anomaly detection is more suitable for the dynamic and limited resources nature of ad hoc networks. For appropriately constructed network models, attack graphs have shown their utility in organizing combinations of network attacks. In this paper, we suggest the use of attack graphs in ad hoc networks. As an example, we give an attack graph that we have created for the wormhole attack. For anomaly prediction, correlation, and det ection in ad hoc networks, we suggest the use of two methods that rely basically on attack graphs. The first method is based on the attack graph adjacency matrix and helps in the prediction of a single or multiple step attack and in the categorization of intrusion alarms’ relevance. The second method uses the attack graph distances for correlating intrusion events and building attack scenarios. Our approach is more appropriate to ad hoc networks’ collaborative and dynamic nature, especially at the application level. (More)

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.233.224.8

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Azer M.; El-Kassas S.; El-Soudani M. and (2006). USING ATTACK GRAPHS IN AD HOC NETWORKS - For Intrusion Prediction Correlation and Detection.In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006) ISBN 978-972-8865-63-4, pages 63-68. DOI: 10.5220/0002097700630068

@conference{secrypt06,
author={Marianne Azer and Sherif El{-}Kassas and Magdy El{-}Soudani},
title={USING ATTACK GRAPHS IN AD HOC NETWORKS - For Intrusion Prediction Correlation and Detection},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)},
year={2006},
pages={63-68},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002097700630068},
isbn={978-972-8865-63-4},
}

TY - CONF

JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)
TI - USING ATTACK GRAPHS IN AD HOC NETWORKS - For Intrusion Prediction Correlation and Detection
SN - 978-972-8865-63-4
AU - Azer, M.
AU - El-Kassas, S.
AU - El-Soudani, M.
PY - 2006
SP - 63
EP - 68
DO - 10.5220/0002097700630068

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.