Zone-based intrusion detection for mobile ad hoc networks

Ad-Hoc and Sensor Wireless Networks

Volumn 2, Issue 3, 2006, Pages 297-324

  Sun, Bo ^a   Wu, Kui ^b   Pooch, Udo W ^c  

^a Lamar University   (United States)

^b UNIVERSITY OF VICTORIA   (Canada)

^c TEXAS A AND M UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 85005954407     PISSN: 15519899     EISSN: 15520633     Source Type: Journal    
DOI: None     Document Type: Article

References (36)

1. Zhang, Y. and Lee, W. (2000). “Intrusion Detection in Wireless Ad Hoc Networks,” the 6th Annual International Conf. on Mobile Computing and Networking (ACM MobiCom’00), Boston, MA, 275-283.
2. Huang, Y., Fan, W., Lee, W. and Yu, P.S. (2003). “Cross-Feature Analysis for Detecting Ad-hoc Routing Anomalies,” Proc. of the 23rd International Conference on Distributed Computing Systems, Providence, RI, 478-487.
3. Sun, B., Wu, K. and Pooch, U. (2003). “Routing Anomaly Detection in Mobile Ad-Hoc Networks,” IEEE International Conference on Computer Communications and Networks (ICCCN’03), Dallas, TX, 25-31.
4. Sun, B., Wu, K. and Pooch, U. “Alert Aggregation in Mobile Ad-Hoc Networks,” ACM Wireless Security (WiSe’03), San Deigo, CA, 69-78.
5. Capkun, S., Hubaux, J.P. and Buttyn, L. (2003). “Mobility Helps Security in Ad Hoc Networks,” in Proc. of the 4th ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC 2003), Annapolis, MD, 46-56.
6. Goto, H., Mambo, M. Shizuya, H. and Watanabe, Y. (2001). “Evaluation of Tamper- Resistant Software Deviating from Structured Programming Rules,” in Information Security and Privacy (ACISP2001), Lecture Notes in Computer Science 2119, Springer-Verlag, 145-158.
7. Broch, J., Johnson, D. and Maltz, D. (2002). The Dynamic Source Routing Protocol for Mobile Ad hoc Networks, http://www.ietf.org/internet-drafts/draft-ietf-manet-dsr-07.txt, IETF Internet Draft.
8. Joa-Ng, M. and Lu, I. (1999). “A Peer-to-Peer zone-based two-level link state routing for mobile Ad Hoc Networks,” in IEEE Journal on Selected Areas in Communications, 17, 8, 1415-1425.
9. Zeng, X., Bagrodia, R. and Gerla, M. (1998). “GloMoSim: a Library for Parallel Simulation of Large-Scale Wireless Networks,” Proceedings of the 12th Workshop on Parallel and Distributed Simulations (PADS ’98), Banff, Canada, 154-161.
10. Linde, Y., Buzo, A. and Gray, R.M. (1980). “An Algorithm for Vector Quantizer Design,” IEEE Transactions on Communications, 702-710.
11. Cover, T. and Thomas, J. (1991). Elements of Information Theory, John Wiley & Sons.
12. Zhai, C. and Lafferty, J. (2001). “A Study of Smoothing Methods for Language Models Applied to Ad Hoc Information Retrieval,” in Proceedings of the 24th Annual International ACM SIGIR Conference on Research and Development in Information Retrieval (SIGIR 2001), New Orleans, LA, 334-342.
13. Marti, S., Giuli, T., Lai, K. and Baker, M. (2000). “Mitigating Routing Misbehavior in Mobile Ad Hoc Networks,” the 6th Annual International Conf. on Mobile Computing and Networking (ACM MobiCom’00), Boston, MA, 255-265.
14. Jha, S., Tan, K. and Maxion, R. (2001). “Markov chains, classifiers, and intrusion detection,” in the Proc. of 14th IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia, Canada, 206-219.
15. Nassehi, M. (1998). “Anomaly detection for markov models,” Technical Report RZ 3011(#93057), IBM Research Division, Zurich Research Laboratory.
16. Nong, Y. (2000). “A Markov Chain Model of Temporal Behavior for Anomaly Detection,” in Proc. of the 2000 IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, NY, 171-174.
17. Warrender, C., Forrest, S. and Pearlmutter, B. (1999). “Detecting intrusions using system calls: Alternative data models,” in Proc. of 1999 IEEE Symposium on Research in Security and Privacy, 133-145.
18. Debar, H., Dacier, M. and Wespi, A. (2000). “A Revised Taxonomy for Intrusion-Detection Systems,” Annales des Tlcommunications, 55, 361-378.
19. Lee, W. and Xiang, D. (2001). “Information-theoretic measures for anomaly detection,” in Proc. 2001 IEEE Symposium on Security and Privacy, Oakland, CA, 130-143.
20. Curry, D. and Debar, H. “Intrusion Detection Message Exchange Format Data Model and Extensible Markup Language (XML) Document Type Definition,” Internet Draft.
21. Anderson, J.P. (1980). “Computer Security Threat Monitoring and Surveillance,” Technical Report, James P. Anderson Co., Fort Washington, PA.
22. Denning, D.E. (1987). “An Intrusion-Detection Model,” IEEE Transactions on Software Engineering, 13, 7, 222-232.
23. Porras, P. and Valdes, A. (1998). “Live Traffic Analysis of TCP/IP Gateways,” Proceedings of the 1998 ISOC Symposium on Network and Distributed System Security (NDSS’98), San Diego, CA.
24. Internet Security Systems, (2003). “RealSecure Network Protection,” Available at http://www.iss.net/products services/enterpriseprotection/rsnetwork.
25. Porras, P.A. and Kemmerer, R. (1992). “Penetration State Transition Analysis C a Rule-Based Intrusion Detection Approach,” Proceedings of the 8th Annual Computer Security Application Conference, 220-229.
26. Ilgun, K. (1993). “Ustat: A Real-time Intrusion Detection System for Unix,” Proceedings of IEEE Symposium on Research in Security and Privacy, Oakland, CA, 16-28.
27. Lindqvist, U. and Porras, P.A. (1999). “Detecting Computer and Network Misuse through the Production-Based Expert System Toolset (P-BEST),” Proceedings of the 1999 IEEE Symposium on Security and Privacy, Oakland, CA, 146-161.
28. Debar, H. and Wespi, A. (2001). “Aggregation and Correlation of Intrusion-detection Alerts,” in Proc. of the 4th International Symposium on Recent Advances in Intrusion Detection (RAID 2001), Davis, CA, 85-103.
29. Cuppens, F. (2001). “Managing Alerts in a Multi-intrusion Detection Environment,” in 17th Annual Computer Security Applications Conference, New Orleans, Louisiana.
30. Cuppens, F. and Mige, A. (2002). “Alert Correlation in a Cooperative Intrusion Detection Framework,” in IEEE Symposium on Security and Privacy, Berkeley, CA, 202-215.
31. Valdes, A. and Skinner, K. (2001). “Probabilistic Alert Correlation,” in Proc. of the Fourth International Workshop on the Recent Advances in Intrusion Detection (RAID 2001), Davis, USA, 54-68.
32. Ning, P., Cui, Y. and Reeves, D.S. (2002). “Analyzing Intensive Intrusion Alerts Via Correlation,” in Proc. of the 5th International Symposium on Recent Advances in Intrusion Detection (RAID 2002), LNCS 2516, Zurich, Switzerland, 74-94.
33. Morin, B., M L. Debar, H. and Ducass, M. (2002). “M2D2: A Formal Data Model for IDS Alert Correlation,” in Proc. of the 5th Int. Symp. on Recent Advances in Intrusion Detection (RAID’02), LNCS 2516, Zurich, Switzerland, 115-137.
34. Samfat, D. and Molva, R. (1997). “IDAMN: An Intrusion Detection Architecture for Mobile Networks,” IEEE Journal on Selected Areas in Communications, 15, 7, 1373-1380.
35. Huang, Y. and Lee, W. (2003). “A Cooperative Intrusion Detection System for Ad Hoc Networks,” Proceedings of the ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN’03), Fairfax VA, 135-147.
36. Stojmenovic, I. (2002). “Position based routing in ad hoc networks,” IEEE Commmunications Magazine, 40, 7, 128-134.