Graduation Year

2019

Document Type

Dissertation

Degree

Ph.D.

Degree Name

Doctor of Philosophy (Ph.D.)

Degree Granting Department

Electrical Engineering

Major Professor

Salvatore D. Morgera, Ph.D.

Committee Member

Yakoub Bazi, Ph.D.

Committee Member

Rangachar Kasturi, Ph.D.

Committee Member

Gangaram Ladde, Ph.D.

Committee Member

Ravi Sankar, Ph.D.

Committee Member

Alex Savachkin, Ph.D.

Keywords

Network Security

Abstract

Intrusion Detection systems plays a crucial role in detecting malicious activities that deteriorate the performance of the network. Mobile AdHoc Networks (MANETs) and Wireless Sensor Networks (WSNs) are a type of wireless networks that can deliver data without any need of infrastructure for their operation. The distributed nature of these networks and the limited resources available, pose a huge challenge for the security of a network. The need for an IDS that can adapt with such challenges is of utmost importance.

Two IDS schemes are presented in this dissertation; the first scheme is based on utilizing the promiscuous mode based on the node’s location in the simulated field. This scheme is called the pseudo cluster head algorithm. The field is divided in four quadrants with a circle in the middle of each quadrant. The node will be able to collect first hand data from the nodes in its radio range. This node uses the C. 4.5 decision tree algorithm for classification purposes. Each node in the proposed scheme transmits a signal called Anomaly Index (AI) to a manager node, which is a type of super node that collects data from other nodes at different quadrants.

The second scheme is a cross layer-based IDS with two layers of detection. The first layer is composed of dedicated sniffers that collects data from its neighbors using the promiscuous mode and calculates a parameter called the ‘Correctly Classified Instance’ and forwards it to a super node at constant time intervals called ‘Reporting Times’. The super node takes advantage of the variance of the CCIs in the smaller size population which represents the number of malicious nodes in the network is smaller than the variance of the larger size population which represents the number of normal nodes in the network. Based on this concept, a new quantity called Accumulated Measure of Fluctuations (AMoF) is presented. Its core is based on calculating variability of the CCIs collected by different DS with sliding window approach. Detection results for different node velocities and power transmitted level is presented. The results show better performance when dealing with higher transmitted power and low node velocity compared to other scenarios where node velocity is high and transmitted power is low.

Download

Share

COinS