Comparative Study of Intrusion Detection System for Mobile Ad Hoc Networks
Comparative Study of Intrusion Detection System for Mobile Ad-Hoc Networks
Eyad R. Manaa, Mahmoud Al-Madhoun and Mahmoud A. Ghanem. Supervisor: Dr. Ayman A. AbuSamra * Abstract In wireless networks the security concerns are considered an important issue, various techniques are used for that purpose. Traditional security mechanisms (authentication, encryption) provide an abstract level of security but some reactive security mechanisms and deep level of inspection is always required. Here some basic intrusion detection systems are discussed and analyzed, and we have shown the advantages and limitations of each technique through a specific comparison between that techniques. And finally we have talked in some details about the HawkEye IDS and we have shown its architecture and mechanism of work, and talked about its advantages over the other IDS we have discussed.
Keywords: Intrusion Detection System (IDS), Mobile Ad Hoc Networks (MANET), Denial of Service, HawkEye.
INTRODUCTION
The subject of Intrusion Detection Systems (IDS) on computer networks has become a topic of great importance for research. Threats against private and public networks are mounting daily thereby, increasing the need for Intrusion Detection Systems (IDS) on network systems throughout the corporate world. IDS serve as a means of identifying, monitoring, blocking and reporting anomalous behavior and unauthorized use of data existing on computer networks. In short, IDS function is to safeguard distributed computing environments that are managed and controlled by a particular network. IDS accomplish their objective by performing through checks on the content of each and every packet, traveling through a given network in efforts to detect intrusions.
This monitoring process provides better security than a firewall could. IDS handle traffic and information, logging every application as it travels through a particular
Eyad R. Manaa, Mahmoud Al-Madhoun and Mahmoud A. Ghanem. Supervisor: Dr. Ayman A. AbuSamra * Abstract In wireless networks the security concerns are considered an important issue, various techniques are used for that purpose. Traditional security mechanisms (authentication, encryption) provide an abstract level of security but some reactive security mechanisms and deep level of inspection is always required. Here some basic intrusion detection systems are discussed and analyzed, and we have shown the advantages and limitations of each technique through a specific comparison between that techniques. And finally we have talked in some details about the HawkEye IDS and we have shown its architecture and mechanism of work, and talked about its advantages over the other IDS we have discussed.
Keywords: Intrusion Detection System (IDS), Mobile Ad Hoc Networks (MANET), Denial of Service, HawkEye.
INTRODUCTION
The subject of Intrusion Detection Systems (IDS) on computer networks has become a topic of great importance for research. Threats against private and public networks are mounting daily thereby, increasing the need for Intrusion Detection Systems (IDS) on network systems throughout the corporate world. IDS serve as a means of identifying, monitoring, blocking and reporting anomalous behavior and unauthorized use of data existing on computer networks. In short, IDS function is to safeguard distributed computing environments that are managed and controlled by a particular network. IDS accomplish their objective by performing through checks on the content of each and every packet, traveling through a given network in efforts to detect intrusions.
This monitoring process provides better security than a firewall could. IDS handle traffic and information, logging every application as it travels through a particular
References: [10] Yi-an Huang, Wenke Lee, “A Cooperative Intrusion Detection System for Ad Hoc Networks”, in Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks (SASN), Fairfax, Virginia, October 31, 2003.