Mobile ad hoc Networks (Manet) are very vulnerable to malicious attacks due to the nature of mobile computing environment such as absence of fixed infrastructures, wireless communication channels, limited power and bandwidth, dynamically changing and distributed network topology, etc. The general existing Intrusion Detection Systems (IDS) have provided little evidence that they are applicable to a broader range threats. Based on the generalized and cooperative intrusion detection architecture, we present an anomaly detection mechanism aiming at multiple malicious attacks by monitoring multi-layer activities, which is independent with a particular routing protocol. By collecting multi-layer observation sequences, Hidden semi-Markov Model (HSMM) is explored to describe the network behaviors of legitimate nodes and to implement the anomaly detection for various existing and unknown malicious attacks. We have conducted extensive experiments using the ns-2 simulation environment to evaluate and validate our research.

• 出版日期2009
• 单位中山大学