分级的Ad Hoc网络入侵检测系统改进

随着无线网络的快速发展和移动计算应用的快速增加,移动无线网络安全问题愈加突出.入侵检测作为保证网络安全的一种有效手段已经从保护固定有线网络扩展到移动无线网络.作为无线移动网络众多实现方式之一的移动Ad Hoc网络分为平面和分级两种结构.由于其与有线网络存在很大差别,现有针对有线网络开发的入侵检测系统很难适用于移动Ad Hoc网络.本文在描述入侵检测相关技术的基础上改进了分级的AdHoc网络入侵检测系统体系结构,并给出了该系统的分簇算法,使之更好地应用于分级的Ad Hoc网络.     

无线传感器网络中的一种基于移动Agent的动态入侵检测系统

无限传感器网络需要一种有效的、灵活的入侵检测方法来抵御入侵。根据无限传感器网络的特征,我们设计了一种基于移动Agent的动态入侵检测系统。该系统包括四种Agent,监控Agent、检测Agent、响应Agent和管理Agent。多个Agent分部合作,并采用异常检测算法进行检测,从而提高了无限传感器网络的安全性和可靠性,同时也降低了入侵检测时的能耗。     

无线网络的安全架构与入侵检测的研究

分析了无线网络的脆弱性,介绍了WEP存在的严重缺陷。基于虚拟专网技术,提出了无线网络的安全性架构;给出了针对无线网络的入侵检测模型和网络异常行为检测策略。     

一种无线传感器网络混合入侵检测模型

简单介绍了无线传感器网络安全的重要性,在此基础上,提出了一种无线传感器网络混合入侵检测模型.此模型包括了3个模块,其中误用检测模块和异常检测模块用来发现入侵行为,决策模块做出反馈,帮助管理者及时了解网络情况,加强无线传感器网络的安全审查.异常检测模块使用BP神经网络作为核心,实验采用KDD CUP'99数据集,使用MA...     

无线传感器网络入侵检测系统研究综述

目前,无线传感器网络在智能环境检测,灾难控制,战场侦察,安全监视方面取得了日益广泛的应用,引起人们日益关注,无线传感器网络的安全问题越来越显得重要。论文首先介绍了入侵及入侵检测,然后分析了无线传感器网络入侵检测系统及其分类,主要研究分析目前的无线传感器网络入侵检测技术及其各自的优缺点。最后提出了无线传感器网络入侵检测技术可能的发展方向。     

基于机器学习的移动自组织网络入侵检测方法

移动自组织网络是由无线移动节点组成的复杂分布式通信系统。研究了移动自组织网络的入侵检测问题,采用了一种新型的基于机器学习算法的异常入侵检测方法。该方法获取正常事件的内部特征的相互关系模式,并将该模式作为轮廓检测异常事件。在Ad hoc 按需距离向量协议上实现了该方法,并在网络仿真软件QualNet中对其进行了评估。     

无线网络入侵检测系统的设计与实现

文章详细介绍了一些适用于无线网络入侵检测的技术方法,并且结合我国目前对于无线网络的发展需要以及无线网络存在安全威胁,对提高无线网络入侵检测系统的设计与实现进行探讨。     

一种基于MA的无线传感器网络IDS模型研究

本文针对分簇式无线传感器网络的特点,将入侵检测技术与移动Agent技术相结合,提出一种基于MA的无线传感器网络入侵检测方案,采用多个Agent模块分布协作,运用一种基于聚类的入侵检测算法,从而达到提高无线传感器网络的安全性、可靠性,降低入侵检测能量消耗的目的。     

Intrusion Detection Systems in Internet of Things and Mobile Ad-Hoc Networks

Internet of Things (IoT) devices work mainly in wireless mediums; requiring different Intrusion Detection System (IDS) kind of solutions to leverage 802.11 header information for intrusion detection. Wireless-specific traffic features with high information gain are primarily found in data link layers rather than application layers in wired networks. This survey investigates some of the complexities and challenges in deploying wireless IDS in terms of data collection methods, IDS techniques, IDS placement strategies, and traffic data analysis techniques. This paper’s main finding highlights the lack of available network traces for training modern machine-learning models against IoT specific intrusions. Specifically, the Knowledge Discovery in Databases (KDD) Cup dataset is reviewed to highlight the design challenges of wireless intrusion detection based on current data attributes and proposed several guidelines to future-proof following traffic capture methods in the wireless network (WN). The paper starts with a review of various intrusion detection techniques, data collection methods and placement methods. The main goal of this paper is to study the design challenges of deploying intrusion detection system in a wireless environment. Intrusion detection system deployment in a wireless environment is not as straightforward as in the wired network environment due to the architectural complexities. So this paper reviews the traditional wired intrusion detection deployment methods and discusses how these techniques could be adopted into the wireless environment and also highlights the design challenges in the wireless environment. The main wireless environments to look into would be Wireless Sensor Networks (WSN), Mobile Ad Hoc Networks (MANET) and IoT as this are the future trends and a lot of attacks have been targeted into these networks. So it is very crucial to design an IDS specifically to target on the wireless networks.     

A survey on routing algorithms for wireless Ad-Hoc and mesh networks

Wireless networking technology is evolving as an inexpensive alternative for building federated and community networks (relative to the traditional wired networking approach). Besides its cost-effectiveness, a wireless network brings operational efficiencies, namely mobility and untethered convenience to the end user. A wireless network can operate in both the “Ad-Hoc” mode, where users are self-managed, and the “Infrastructure” mode, where an authority manages the network with some Infrastructure such as fixed wireless routers, base stations, access points, etc. An Ad-Hoc network generally supports multi-hopping, where a data packet may travel over multiple hops to reach its destination. Among the Infrastructure-based networks, a Wireless Mesh Network (with a set of wireless routers located at strategic points to provide overall network connectivity) also provides the flexibility of multi-hopping. Therefore, how to route packets efficiently in wireless networks is a very important problem.A variety of wireless routing solutions have been proposed in the literature. This paper presents a survey of the routing algorithms proposed for wireless networks. Unlike routing in a wired network, wireless routing introduces new paradigms and challenges such as interference from other transmissions, varying channel characteristics, etc. In a wireless network, routing algorithms are classified into various categories such as Geographical, Geo-casting, Hierarchical, Multi-path, Power-aware, and Hybrid routing algorithms. Due to the large number of surveys that study different routing-algorithm categories, we select a limited but representative number of these surveys to be reviewed in our work. This survey offers a comprehensive review of these categories of routing algorithms.In the early stages of development of wireless networks, basic routing algorithms, such as Dynamic Source Routing (DSR) and Ad-Hoc On-demand Distance Vector (AODV) routing, were designed to control traffic on the network. However, it was found that applying these basic routing algorithms directly on wireless networks could lead to some issues such as large area of flooding, Greedy Forwarding empty set of neighbors, flat addressing, widely-distributed information, large power consumption, interference, and load-balancing problems. Therefore, a number of routing algorithms have been proposed as extensions to these basic routing algorithms to enhance their performance in wireless networks. Hence, we study the features of routing algorithms, which are compatible with the wireless environment and which can overcome these problems.     

基于序列模型的无线传感网入侵检测系统

随着物联网(IoT)的快速发展，越来越多的IoT节点设备被部署，但伴随而来的安全问题也不可忽视。IoT的网络层节点设备主要通过无线传感网进行通信，其相较于互联网更开放也更容易受到拒绝服务等网络攻击。针对无线传感网面临的网络层安全问题，提出了一种基于序列模型的网络入侵检测系统，对网络层入侵进行检测和报警，具有较高的识别率以及较低的误报率。另外，针对无线传感网节点设备面临的节点主机设备的安全问题，在考虑节点开销的基础上，提出了一种基于简单序列模型的主机入侵检测系统。实验结果表明，针对无线传感网的网络层以及主机层的两个入侵检测系统的准确率都达到了99%以上，误报率在1%左右，达到了工业需求，这两个系统可以全面有效地保护无线传感网安全。     

无线局域网入侵检测系统的研究

入侵检测系统对于保障无线局域网(WLAN)的安全十分重要。在深入分析当前WLAN安全问题中面临的主要问题后,针对无线局域网的特点,提出并实现了一个分布式无线入侵检测系统。首先对无线局域网网络结构和主要安全技术进行了分析,阐述了入侵检测技术在无线局域网安全体系结构中的重要作用以及目前入侵检测技术存在的主要问题。然后在WLAN环境下实现了一个分布式无线入侵检测系统。研究了诸如Winpcap网络数据包捕获技术,多模式匹配算法中的自动机匹配算法及统计分析算法等具体实现技术。     

基于嵌入式Linux的Ad-Hoc网络视频传输研究

针对目前多数无线网络通信依赖于接入点(AP,access point)的现状,采用ARM9处理器(S3C2440)与嵌入式Linux操作系统相结合的技术,组建了Ad-Hoc无线网络通信系统.重点对无线网卡驱动程序进行了深入分析,实现了无线网卡在Linux环境下的移植,通过移植无线网络配置工具使无线网卡工作于Ad-Hoc...     

无线网状网(WMN)的入侵检测模型研究

要实现WMN的应用最突出的是安全保障,由于无线网络的网络特性,其它网络节点的检测信息都不能被传统的分布式无线网络入侵检测模型有效地利用,本文对路由器之间交换检测信息入侵检测模型进行了研究探讨。     

Ad hoc网络中一种基于学习Petri网的入侵检测模型

移动自组织网络是由无线移动节点组成的复杂分布式通信系统.研究了移动自组织网络的入侵检测问题,对当前Ad hoc网络上的入侵行为和入侵检测技术进行了分析,论述了学习Petri网络应用于入侵检测系统中的优势,给出了一个基于学习Petri网络的入侵检测实施模型,并在网络仿真软件ns2中对其进行了评估.     

无线网络中的攻击检测技术研究

分析了无线网络的脆弱性、需要进行攻击检测的原因以及不能直接应用目前已有方法的原因，并提出了无线网络中的攻击检测与应用机制。     

一种蚁群优化的WSN分布式入侵检测模型

针对无线传感器网络中入侵者能在多个节点上移动并隐藏攻击源头的特点,提出了一种基于蚁群优化的无线传感器网络分布式入侵检测模型。分析了现有入侵检测对未知攻击检测率和误报率方面的不足,在此基础上提出了分布式入侵检测的体系结构,设计了基于蚁群优化的入侵检测算法。仿真实验表明提出的方案能够提高无线传感器网络对未知攻击的检测率和降低对正常网络流量的误报率,较好地解决了路由攻击、Sinkhole攻击问题,能够降低入侵检测的能耗。     

Ellipsoidal neighbourhood outlier factor for distributed anomaly detection in resource constrained networks

Anomaly detection in resource constrained wireless networks is an important challenge for tasks such as intrusion detection, quality assurance and event monitoring applications. The challenge is to detect these interesting events or anomalies in a timely manner, while minimising energy consumption in the network. We propose a distributed anomaly detection architecture, which uses multiple hyperellipsoidal clusters to model the data at each sensor node, and identify global and local anomalies in the network. In particular, a novel anomaly scoring method is proposed to provide a score for each hyperellipsoidal model, based on how remote the ellipsoid is relative to their neighbours. We demonstrate using several synthetic and real datasets that our proposed scheme achieves a higher detection performance with a significant reduction in communication overhead in the network compared to centralised and existing schemes.     

基于Chi-square检验的分布式网络入侵检测系统

针对网络攻击的新特点,本文提出了一种基于Chi-square检验的分布式网络入侵检测系统模型CTDIDS。设计并实现了一个基于异常检测的入侵分析引擎。通过对网络数据包的分析,运用Chi-square值比较对系统的行为进行检测。与现有的入侵检测方法相比,本文提出的方法具有更好的环境适应性和数据协同分析能力。实验证明,分布式入侵检测系统CTDIDS具有更高的准确性和扩展性。     

面向复杂网络的异常检测研究进展

异常检测是指识别数据集中显著区别于其他正常模式的数据,广泛应用于欺诈检测、入侵检测、数据分析等领域.现有的异常检测研究大多是基于非结构化数据点集,而现实中数据间复杂的结构关系构成了复杂网络,在数学形式上表示为图,所以面向复杂网络的异常检测的需求日益增加.对此,总结了当前复杂网络异常检测的方法与研究进展:首先提出复杂网络异常检测的必要性与发展历史;其次,分别从静态图和动态图的视角将复杂网络异常检测分为基于结构、社区、关系学习的静态图异常检测和基于节点、边、子图、全图的动态图异常检测;然后,分类别地进行概述、分析与比较,并给出复杂网络异常检测的应用场景;最后,总结未来面向复杂网络异常检测的研究方向.