ARCHITECTURE FOR INTRUSION DETECTION IN MANET in VS .NET

Printer Code 128B in VS .NET ARCHITECTURE FOR INTRUSION DETECTION IN MANET
54 ARCHITECTURE FOR INTRUSION DETECTION IN MANET
Code 128 Code Set C Recognizer In VS .NET
Using Barcode Control SDK for Visual Studio .NET Control to generate, create, read, scan barcode image in Visual Studio .NET applications.
Figure 56 Hierarchical IDS
Make Code128 In VS .NET
Using Barcode printer for Visual Studio .NET Control to generate, create Code 128 Code Set A image in .NET framework applications.
Section 5431 potential approaches for forming the hierarchy in a way that is well suited to the MANET environment Another potential feature of the hierarchical approach is that, if the hierarchy is formed in a way that nodes are just one hop away from their parent IDS, data and alerts can be shared through messages that are broadcast to its direct neighbors This allows the IDS architecture to operate even in the absence of routing If the attacker has completely disrupted the routing process the IDS may be able to detect the attacker and recover from it by isolating the intruder and allowing the routing protocol to recover and resume The key advantage of the hierarchical approach is it incurs much less overhead as compared with the peer-to-peer approach because nodes need to communicate with a smaller number of nodes Intrusion detection data is shared in an orderly and ef cient manner This allows IDS information to propagate throughout the network very ef ciently At each level data aggregation and consolidation can further reduce the overhead This is preferable to having every node share the same data with every other node as is done in the peer-to-peer architecture The ef cient transmission of IDS consolidated data in the hierarchical architecture also allows for raw IDS data to be shared among nodes in the network This may make it possible for detection algorithms to detect attacks that cannot be detected by the peer-to-peer architecture The disadvantage of the hierarchical approach is that it is prone to Byzantine attacks from IDS nodes Nodes that become a leader take on critical responsibility for the intrusion detection process because they are responsible for collecting and correlating intrusion detection information within neighborhoods and across neighborhoods and coordinating dissemination of alerts If one of those nodes is taken over by a malicious user it can cause a lot of harm One possible way to do so is by falsely accusing well-behaved nodes of malicious behavior Such false accusations may lead nodes in the neighborhood to consider the falsely accused nodes as malicious A leader may also attempt to convince leaders in other neighborhoods that a well-behaved node is malicious If such an attempt is successful, the falsely accused nodes may end up getting completely isolated by the
ANSI/AIM Code 128 Scanner In VS .NET
Using Barcode recognizer for VS .NET Control to read, scan read, scan image in .NET framework applications.
INTRUSION DETECTION SYSTEMS
Bar Code Printer In Visual Studio .NET
Using Barcode encoder for VS .NET Control to generate, create bar code image in Visual Studio .NET applications.
network One solution to this problem is the election of back-up leaders that monitor the main leader and interfere if they detect malicious behavior from the leader This requires some kind of a voting scheme to ensure that a single malicious leader cannot cause a signi cant amount of harm This of course increases the overhead of the approach because IDS data and alerts need to be sent both to the primary and back-up leaders, limiting the bene ts of the hierarchical approach To resist the compromise of multiple leaders, a large number of back-up leaders is required If every node ends up playing the role of a leader or a back-up leader then the hierarchical scheme becomes very resistant but ends up behaving as the peer-to-peer approach exhibiting the same advantages and disadvantages The other challenge of the hierarchical scheme is that, due to mobility, connectivity changes, failures, and so on, it may be challenging to maintain the hierarchy and ensure correct operation of the IDS hierarchy For example, it may be necessary in several instances for a new leader to be elected for a neighborhood either to increase ef ciency or just because a leader has moved out of range The result is that, for a brief period of time, a neighborhood may operate without a leader, making the IDS unavailable in that neighborhood This may introduce a window of vulnerability that a malicious user may attempt to exploit to launch an attack Another related problem with the hierarchical approach is that, as the intrusion detection data and alerts ow through a potentially changing hierarchy, it may take a signi cant amount of time for the hierarchy to correlate the data and detect an attack This results in increasing the detection latency of the architecture (especially compared with the peer-to-peer approach) 543 Key Novel Concepts for Cooperative Intrusion Detection in MANET
Recognize Barcode In .NET
Using Barcode reader for VS .NET Control to read, scan read, scan image in VS .NET applications.
As discussed earlier, IDS in a MANET needs to be based on cooperative approaches in which most if not all nodes play some part in the intrusion detection process Because of the importance of the cooperative approaches, we focus in this section on speci c novel cooperative schemes that have been proposed In particular we consider:
Painting Code 128 Code Set C In Visual C#.NET
Using Barcode maker for .NET framework Control to generate, create Code 128B image in .NET applications.
clustering, which is a scheme that has been proposed for organizing nodes in a hierarchy; reputation schemes that allow good or bad reputation of nodes to be shared across the network; schemes that encourage node cooperation by providing incentives
Code128 Maker In .NET Framework
Using Barcode creation for ASP.NET Control to generate, create Code 128 Code Set B image in ASP.NET applications.
5431 Clustering One of the key questions in a cooperative intrusion architecture is related to the organization of nodes If every node is required to cooperate with every other node (as in a peer-to-peer architecture) without a structured organization, then overheads will grow proportionally to the square of the number of nodes Rather than assuming a completely at structure, it may be possible to organize nodes in a hierarchy by forming groups ef ciently, leading to reduced communication overheads (as discussed in Section 5422) We would like to remark here that it is critical to organize the groups appropriately in order to achieve a signi cant reduction in overhead This problem of designing groups ef ciently is a fundamental problem that has been the focus of research in MANET and which has been considered especially in relation to routing The same concepts can be adapted for the intrusion detection function When designing the clustering schemes for detection, researchers have tried to exploit several
Encoding Code 128C In VB.NET
Using Barcode creator for .NET Control to generate, create Code 128 Code Set A image in VS .NET applications.
Drawing Code 128 Code Set B In VS .NET
Using Barcode drawer for VS .NET Control to generate, create Code 128 Code Set B image in .NET framework applications.
Bar Code Drawer In .NET
Using Barcode generation for .NET framework Control to generate, create barcode image in Visual Studio .NET applications.
Encoding EAN / UCC - 13 In Visual C#
Using Barcode encoder for .NET framework Control to generate, create GTIN - 128 image in VS .NET applications.
Code 39 Full ASCII Drawer In Java
Using Barcode creation for Java Control to generate, create Code39 image in Java applications.
Create UPC - 13 In Visual Studio .NET
Using Barcode generator for ASP.NET Control to generate, create EAN-13 image in ASP.NET applications.
Code 128B Creation In Java
Using Barcode creation for Java Control to generate, create Code 128 Code Set B image in Java applications.