Mobile ad hoc networks (MANETs) are one of the fastest growing areas of research. By providing communications
in the absence of a fixed infrastructure MANETs are an
attractive technology for many applications. However, this flexibility introduces new
security threats. Furthermore the traditional way of protecting networks is not directy
applicable to MANETs. Many conventional security solutions are
ineffective and inefficient for the highly dynamic and resource-constrained environments where
MANET use might be expected.
Since prevention techniques are never enough, intrusion detection systems (IDSs), which monitor
system activities and detect intrusions, are generally used to complement other security mechanisms.
%due to the dynamic nature
%of MANETs, the lack of central points, and their highly constrained nodes.
How to detect intrusions effectively and efficiently on this highly
dynamic, distributed and resource-constrained environment is a challenging research problem.
In the presence of these complicating
factors humans are not particularly adept at making good
design choices. That is the reason we propose to use techniques from
artificial intelligence to help with this task.
We investigate the use of evolutionary computation techniques for synthesising intrusion detection programs on MANETs. We evolve programs to
detect the following attacks against MANETs: ad hoc flooding, route disruption, and dropping attacks.
The performance of evolved programs is evaluated on simulated networks. The results are also compared with hand-coded programs. A good IDS on MANETs should
also consider the resource constraints of the MANET environments. Power is one of the critical resources.
Therefore we apply multi-objective optimization techniques (MOO) to discover trade-offs between intrusion detection
ability and energy consumption of programs, and optimise these objectives simultaneously.
We also investigate a suitable IDS architecture for MANETs in this thesis. Different programs are evolved
for two architectures: local and cooperative detection in neighbourhood. Optimal trade-offs between intrusion
detection ability and resource usage (energy, bandwidth) of evolved programs are also discovered using MOO techniques.
![[thumbnail of SevilSen_Thesis.pdf]](https://etheses.whiterose.ac.uk/style/images/fileicons/text.png "SevilSen_Thesis.pdf")