Dynamic anomaly detection by using incremental approximate PCA in AODV-based MANETs

Authors

  • Meysam Alikhani Faculty of Electrical and Computer Engineering Tarbiat Modares University
Abstract:

Mobile Ad-hoc Networks (MANETs) by contrast of other networks have more vulnerability because of having nature properties such as dynamic topology and no infrastructure. Therefore, a considerable challenge for these networks, is a method expansion that to be able to specify anomalies with high accuracy at network dynamic topology alternation. In this paper, two methods proposed for dynamic anomaly detection in MANETs those named IPAD and IAPAD. The anomaly detection procedure consists three main phases: Training, Detection and Updating in these methods. In the IPAD method, to create the normal profile, we use the normal feature vectors and principal components analysis, in the training phase. In detection phase, during each time window, anomaly feature vectors based on their projection distance from the first global principal component specified. In updating phase, at end of each time window, normal profile updated by using normal feature vectors in some previous time windows and increasing principal components analysis. IAPAD is similar to IPAD method with a difference that each node use approximate first global principal component to specify anomaly feature vectors. In addition, normal profile will updated by using approximate singular descriptions in some previous time windows. The simulation results by using NS2 simulator for some routing attacks show that average detection rate and average false alarm rate in IPAD method is 95.14% and 3.02% respectively, and in IAPAD method is 94.20% and 2.84% respectively.

Upgrade to premium to download articles

Sign up to access the full text

Already have an account?login

similar resources

dynamic anomaly detection by using incremental approximate pca in aodv-based manets

mobile ad-hoc networks (manets) by contrast of other networks have more vulnerability because of having nature properties such as dynamic topology and no infrastructure. therefore, a considerable challenge for these networks, is a method expansion that to be able to specify anomalies with high accuracy at network dynamic topology alternation. in this paper, two methods proposed for dynamic anom...

full text

BeeID: intrusion detection in AODV-based MANETs using artificial Bee colony and negative selection algorithms

Mobile ad hoc networks (MANETs) are multi-hop wireless networks of mobile nodes constructed dynamically without the use of any fixed network infrastructure. Due to inherent characteristics of these networks, malicious nodes can easily disrupt the routing process. A traditional approach to detect such malicious network activities is to build a profile of the normal network traffic, and then iden...

full text

Approximate Incremental Dynamic Analysis Using Reduction of Ground Motion Records

Incremental dynamic analysis (IDA) requires the analysis of the non-linear response history of a structure for an ensemble of ground motions, each scaled to multiple levels of intensity and selected to cover the entire range of structural response. Recognizing that IDA of practical structures is computationally demanding, an approximate procedure based on the reduction of the number of ground m...

full text

A Dynamic Approach for Anomaly Detection in AODV

Mobile ad hoc networks (MANETs) are relatively vulnerable to malicious network attacks, and therefore, security is a more significant issue than infrastructure-based wire-less networks. In MANETs, it is difficult to identify malicious hosts as the topology of the network dynamically changes. A malicious host can easily interrupt a route for which it is one of the forming nodes in the communicat...

full text

Anomaly Based Intrusion Detection Using Incremental Approach: A Survey

As the communication industry has connected distant corners of the globe using advances in network technology, intruders or attackers have also increased attacks on networking infrastructure commensurately. System administrators can attempt to prevent such attacks using intrusion detection tools and systems. There are many commercially available signature-based Intrusion Detection Systems (IDSs...

full text

My Resources

Save resource for easier access later

Save to my library Already added to my library

{@ msg_add @}


Journal title

volume 1  issue 2

pages  89- 101

publication date 2013-01-28

By following a journal you will be notified via email when a new issue of this journal is published.

Hosted on Doprax cloud platform doprax.com

copyright © 2015-2023