Sen, Sevil (2010) Evolutionary Computation Techniques for Intrusion Detection in Mobile Ad Hoc Networks. PhD thesis, University of York.
Available under License Creative Commons Attribution-Noncommercial-No Derivative Works 2.0 UK: England & Wales.
Mobile ad hoc networks (MANETs) are one of the fastest growing areas of research. By providing communications in the absence of a fixed infrastructure, MANETs are an attractive technology for many applications. However, this flexibility introduces new security threats. Furthermore, the traditional way of protecting networks is not directly applicable to MANETs. Many conventional security solutions are ineffective and inefficient for the highly dynamic and resource-constrained environments where MANET use might be expected. Since prevention techniques are never enough, intrusion detection systems (IDSs), which monitor system activities and detect intrusions, are generally used to complement other security mechanisms. How to detect intrusions effectively and efficiently in this highly dynamic, distributed and resource-constrained environment is a challenging research problem. In the presence of these complicating factors humans are not particularly adept at making good design choices. That is the reason we propose to use techniques from artificial intelligence to help with this task. We investigate the use of evolutionary computation techniques for synthesising intrusion detection programs on MANETs. We evolve programs to detect the following attacks against MANETs: ad hoc flooding, route disruption, and dropping attacks. The performance of evolved programs is evaluated on simulated networks. The results are also compared with hand-coded programs. A good IDS on MANETs should also consider the resource constraints of the MANET environments. Power is one of the critical resources. Therefore we apply multi-objective optimization (MOO) techniques to discover trade-offs between intrusion detection ability and energy consumption of programs, and optimise these objectives simultaneously. We also investigate a suitable IDS architecture for MANETs in this thesis.
Different programs are evolved for two architectures: local and cooperative detection in neighbourhood. Optimal trade-offs between intrusion detection ability and resource usage (energy, bandwidth) of evolved programs are also discovered using MOO techniques.
| Field | Value |
|---|---|
| Item Type | Thesis (PhD) |
| Keywords | intrusion detection, mobile ad hoc networks, evolutionary computation, genetic programming, grammatical evolution, multi-objective optimization |
| Academic Units | The University of York > Computer Science (York) |
| Depositing User | Sevil Sen |
| Date Deposited | 19 Oct 2010 15:38 |
| Last Modified | 08 Aug 2013 08:45 |