Optimised Agent-Based Intrusion Detection for Wireless Ad Hoc Networks
- When: Tuesday 23 November 2010, 10:00 to 11:00
- Where: 39BB02
- Open to: Staff, Students
- Speaker: Mr Stefan Stafrace
Wireless Ad hoc Networks (WAHN) offer a challenging environment for conventional intrusion detection systems (IDS). In particular, WAHN have a dynamic topology, intermittent connectivity, resource-constrained device nodes and possibly high node churn. Over the past years, researchers have encouraged the use of agent-based IDS to overcome these challenges.
In this work we propose the use of military-inspired concepts to optimise the operations of agent-based IDS for WAHN. We built an agent platform that executes the functions carried out in a military environment, such as Command and Control (C2) operations, logistics and intelligence gathering. Furthermore, we employed basic semantics from the military domain that determine how the agents communicate and cooperate with each other. More specifically, we applied these military concepts to establish a chain of command, the tactics and the rules of engagement followed by the agents whilst patrolling the network. These tactical agents adopt a risk-based approach such that the frequency of patrol missions is directly proportional to the risk factor of the route.
In our study we implemented (using J-SIM) a simulation-based model of our solution to detect and recover from a Sinkhole attack in a Wireless Sensor Network (WSN), using Ad hoc On-Demand Distance Vector (AODV) as the routing protocol. We evaluated the proof of concept in terms of the detection precision, the data loss incurred from the attack and the agent overheads due to mobility and communication. The results demonstrated that taking into account the risk factor of the patrolled routes allowed the IDS to adapt to the dynamic demands of the network, thus consuming resources only when required. This was particularly noticeable in larger networks. Furthermore, a high detection precision rate was achieved with minimal communication overheads when compared to the total communication costs. The high precision rate was substantiated by multiple detections of the sinkhole node carried out by various squads of tactical agents patrolling the network.

