Agent-Based Intrusion Detection in Wireless Networks

Abstract

Key Terms in this Chapter

MANET: A network consisting of a collection of mobile nodes that communicate with each other via wireless links without the help of any pre-existing infrastructure.

AODV: The ad-hoc on-demand distance vector is a reactive routing protocol that enables multi-hop, self-starting and dynamic routing in MANET.

Grayhole: A variation of the blackhole attack in which the malicious node adopts a selective packet dropping.

Blackhole: An active DoS (denial of service) attack in which a malicious node exploits the routing protocols such as AODV to advertise itself as having a valid and good path to the destination node with the goal of dropping the absorbed packets.

Intrusion Detection System: A software or hardware system that automate the process of monitoring the events occurring in a computer system or network, analysing them for signs of security problems. It can monitor and collect data from a target system (host or network), process and correlate the gathered information, and can initiate responses when evidence of an intrusion is detected.

DSR: The dynamic source routing is similar to AODV but has the additional feature of source routing.

Security Threats: Are tools, techniques, or methods that can cause unwanted incidents, and potentially result in damaging the network.

False Negatives: Cases where no alerts are raised when real intrusion attempts are present.

True Positives: IDS alerts that are raised for real intrusion attempts.

True Negatives: Cases where no alerts are raised, and no intrusion attempts are present.

Intrusion: Any set of actions that attempt to compromise the integrity, confidentiality, or the availability of a resource.

False Positives: IDS alerts that are raised on non-intrusive behaviours.