%0 Journal Article
%T Specification-based Distributed Detection for Mobile Ad Hoc Networks
基于规范的移动Ad Hoc网络分布式入侵检测
%A WANG Fang
%A YI Ping
%A WU Yue
%A WANG Zhi-yang
%A
王芳
%A 易平
%A 吴越
%A 王之旸
%J 计算机科学
%D 2010
%I
%X Mobile ad hoc networks are highly vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, lack of centralized monitoring and management point. The traditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective for those features. We proposed a distributed intrusion detection approach based on finish state machine(FSM). A cluster-based detection scheme was presented,where periodically a node is elected as the monitor node for a cluster. These monitor nodes can not only make local intrusion detection decisions, but also cooperatively take part in global intrusion detection. And then we constructed the finite state machine(FSM) by the way of manually abstracting the correct behaviours of the node according to the routing protocol of Dynamic Source Routing(DSR). The monitor nodes can verify every node's behaviour by the FSM, and validly detect real-time attacks without signatures of intrusion or trained data. Compared with the architecture where each node is its own IDS agent, our approach is much more efficient while maintaining the same level of effectiveness. Finally, we evaluated the intrusion detection method through simulation experiments.
%K Mobile ad hoc networks
%K Routing protocol
%K Network security
%K Intrusion detection
%K Finite state machine
移动ad
%K hoc网络,路由协议,网络安全,入侵检测,有限状态机
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=64A12D73428C8B8DBFB978D04DFEB3C1&aid=025A89E4E006325B345A8193F7519BB7&yid=140ECF96957D60B2&vid=42425781F0B1C26E&iid=F3090AE9B60B7ED1&sid=7F5DDA4924737DF5&eid=B62E0EEFE746E568&journal_id=1002-137X&journal_name=计算机科学&referenced_num=0&reference_num=0