[ABS12] Log based link spoofing detection in manet

Rapport du Laboratoire : Date de dépot: 2012/02/29, Nb pages 6,

Mots clés: manet, intrusion detection

Résumé: Ad hoc networks mostly operate over open environments and are hence vulnerable to a large body of threats. This calls for coupling preventive mechanisms, e.g., firewall, with advanced intrusion detection. To meet this requirement, we introduce IDAR, a signature- and log-based distributed intrusion detector dedicated to ad hoc routing protocols. Contrary to existing systems that observe packets, IDAR analyses logs and identifies patterns of misuse. This detector scopes with the resource-constraints of devices by providing distributed detection. In particular, depending on the level of suspicion/gravity involved, in-depth cooperative investigation is whether launched. Simulation shows limited bandwidth usage, high detection and low false positives.

Equipe: roc


@techreport {
title="{Log based link spoofing detection in manet}",
author="M. Alattar and J. Bourgeois and F. Sailhan",
institution="{CEDRIC laboratory, CNAM-Paris, France}",