Combining Passive Autoconfiguration and Anomaly-based Intrusion Detection in Ad-hoc Networks
Autor: L. Völker, S. Schuhmann Links:
Quelle: 8th International Workshop on Applications and Services in Wireless Networks (ASWN2008), 87-95, Kassel, Germany, Oktober 2008
Two essential services of Ad-hoc networks are IP Address Autoconfiguration and Intrusion Detection Systems. Since both Autoconfiguration and Intrusion Detection may base their decisions on routing protocol anomalies, their dependencies can cause problems. In this paper we present our design to efficiently combine Autoconfiguration and Intrusion Detection, and present our enhancements in attack detection for an Autoconfiguration system. We have identified anomalies indicating specific attacks, implemented suitable anomaly detectors, and evaluated our system. The results show that it is possible to detect both the attacks and IP address conflicts in an efficient way.