Convergence Security Journal (융합보안논문지)

Korea convergence Security Association (한국융합보안학회)
권호 표지
DOI QR코드

DOI QR Code

A Study on Zone-based Intrusion Detection in Wireless Network Environments

무선 네트워크 환경에서 영역기반 침입탐지 기법에 관한 연구

  • 양환석 (중부대학교 정보보호학과)
  • Received : 2019.12.05
  • Accepted : 2019.12.26
  • Published : 2019.12.31
Download PDF
⟨ Previous Next ⟩

Abstract

It is impossible to apply the routing protocol in the wired environment because MANET consists of only mobile nodes. Therefore, routing protocols considered these characteristics are required. In particular, if malicious nodes are not excluded in the routing phase, network performance will be greatly reduced. In this paper, we propose intrusion detection technique based on region to improve routing performance. In the proposed technique, the whole network is divided into certain areas, and then attack detection within the area using area management node is performed. It is a proposed method that can detect attack nodes in the path through cooperation with each other by using completion message received from member nodes. It also applied a method that all nodes participating in the network can share the attack node information by storing the detected attack node and sharing. The performance evaluation of the proposed technique was compared with the existing security routing techniques through the experiments and the superior performance of the proposed technique was confirmed.

MANET은 이동 노드로만 구성되어 있기 때문에 기존의 유선 환경에서의 라우팅 프로토콜을 그대로 적용할 수 없다. 따라서 이러한 특성이 고려된 라우팅 프로토콜이 필요하다. 특히 라우팅 단계에서 악의적인 노드들을 배제하지 못한다면 네트워크 성능은 크게 떨어질 수 밖에 없다. 본 논문에서는 라우팅 성능을 향상시키기 위해 영역기반 침입탐지 기법을 제안하였다. 제안한 기법에서는 전체 네트워크를 일정한 영역으로 분할한 후 영역관리 노드를 이용하여 영역내 공격 탐지가 이루어지도록 하였으며, 멤버 노드로부터 수신한 완료 메시지를 이용하여 서로간 협업을 통해 경로상에 존재하는 공격 노드를 탐지할 수 있는 방법을 제안하였다. 그리고 탐지한 공격노드 정보를 블록체인에 저장하여 공유함으로써 네트워크에 참여하는 모든 노드들이 공격노드 정보를 공유할 수 있도록 하는 방법을 적용하였다. 제안한 기법의 성능 평가는 기존의 보안 라우팅 기법들과 비교 실험하였으며, 실험을 통해 제안한 기법의 우수한 성능을 확인할 수 있었다.

Keywords

References

  1. Nishani, L., Biba, M., "Machine learning for intrusion detection in MANET," a state-of-the-art survey. J Intell Inf Syst 46, pp. 391-407, 2016. https://doi.org/10.1007/s10844-015-0387-y
  2. Shurman M.AI, Yoo S.M., Park S., " Black Hole Attack in Wireless Ad Hoc Networks.," In: Proceedings of ACM 42nd Southeast Conference (ACMSE 04), pp. 96-97, Alabama (2004).
  3. Kim G, Han Y, Kim S., "A cooperative-sinkhole detection method for mobile ad hoc networks," AEU-International Journal of Electronics and Communications, ;64(5), pp. 390-397, 2010. https://doi.org/10.1016/j.aeue.2009.01.008
  4. Cho JH, Chen IR. Performance analysis of hierarchi-cal group key management integrated with adaptiveintrusion detection in mobile ad hoc networks. Performance Evaluation, 68(1), pp. 58-75, 2011. https://doi.org/10.1016/j.peva.2010.09.005
  5. Mechtri L, Tolba FD, Ghanemi S., "MASID: multi-agent system for intrusion detection in MANET.," In Proceedings of Ninth IEEE International Conferenceon Information Technology : New Generations(ITNG), Las Vegas, Nevada, USA, April 2012, pp. 65-70.
  6. Al-Roubaiey, A. Sheltami, T., Mahmoud, A., Shakshuki, E., Mouftah, H., "AACK: Adaptive Acknowledgment Intrusion Detection for MANET with Node Detection Enhancement," Advanced Information Networking and Applications (AINA), 2010 24th IEEE International Conference on, Vol. 3, No. 1, pp. 634-640, 2010.
  7. Mohanapriya M, Krishnamurthi I., "Modified DSR protocol for detection and removal of selective black hole attack in MANET.," Computers & Electrical Engineering, 40(2), pp. 530-538, 2013. https://doi.org/10.1016/j.compeleceng.2013.06.001
  8. Kumar G, Kumar K., "An information theoretic ap-proach for feature selection.," Security and Communication Networks, 5(2), pp. 178-185, 2013. https://doi.org/10.1002/sec.303
  9. Lin HC, Sun MK, Huang HW, Tseng CY, Lin HT., "A specification-based intrusion detection modelfor wireless ad hoc networks.," In Proceedings of Third IEEE International Conference on Innovations in Bio-Inspired Computing and Applications (IBICA), Kaohsiung, Taiwan, September, pp. 252-257, 2012.