
A Robust SNMP Based Infrastructure for Intrusion Detection and Response in Tactical MANETs

  • Conference paper
Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2006)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 4064)

Abstract

Intrusion Detection Systems (IDS) for adhoc networks need secure, reliable, flexible, and lightweight infrastructures for exchanging available sensor data and security event messages. Cooperation is a major concept of Mobile Adhoc Networks (MANETs). Cooperation of intrusion detection components may also help to protect these networks. The approaches and component infrastructures have to consider bandwidth restrictions and highly dynamic network behaviour. Unfortunately, existing infrastructures and communication protocols have some drawbacks for these kinds of environments.

This paper describes a robust SNMPv3 (Simple Network Management Protocol) based implementation of an IDS infrastructure that connects the components of a generic MANET IDS architecture. This implementation is focused on the requirements of a military tactical scenario. For instance, adherence to the bandwidth constraints has been shown in a traffic simulation that includes all relevant protocols and other properties of a specific tactical MANET scenario and its nodes.




Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jahnke, M., Tölle, J., Lettgen, S., Bussmann, M., Weddige, U. (2006). A Robust SNMP Based Infrastructure for Intrusion Detection and Response in Tactical MANETs. In: Büschkes, R., Laskov, P. (eds) Detection of Intrusions and Malware & Vulnerability Assessment. DIMVA 2006. Lecture Notes in Computer Science, vol 4064. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11790754_10


  • DOI: https://doi.org/10.1007/11790754_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-36014-8

  • Online ISBN: 978-3-540-36017-9

  • eBook Packages: Computer Science, Computer Science (R0)
