Design And Implementation Of Intrusion Detection System For Flying Adhoc Network

Computer Engineering | Computer Science | Electrical Electronics Engineering

The design and implementation of an Intrusion Detection System (IDS) for a Flying Adhoc Network (FANET) presents a complex challenge due to the dynamic and decentralized nature of airborne communication. FANETs, comprising unmanned aerial vehicles (UAVs) communicating wirelessly, require robust security measures to detect and mitigate potential intrusions effectively. The IDS architecture for FANET must incorporate distributed sensors deployed across UAVs, ground stations, and possibly other network elements to monitor network traffic, behavior, and anomalies in real-time. Utilizing machine learning algorithms, anomaly detection techniques, and encryption protocols, the IDS can identify suspicious activities such as unauthorized access attempts, malicious payloads, and abnormal traffic patterns. Furthermore, integrating mechanisms for secure key management, authentication, and encryption ensures the confidentiality and integrity of data exchanged within the FANET. Continuous monitoring, adaptive learning, and rapid response mechanisms are vital to enhancing the resilience of the IDS against emerging threats in dynamic aerial environments, thereby safeguarding the integrity and security of FANET operations.

ABSTRACT

Owing to ad hoc wireless networks’ properties, the implementation of complex security systems with higher computing resources seems troublesome in most situations. Therefore, the usage of intrusion detection systems has attracted considerable attention. The detection systems are implemented either as host-based, run by each node; or as cluster/network-based, run by cluster head. These two implementations exhibit benefits and drawbacks, such as when cluster-based is used alone, it faces maintaining protection when nodes delay to elect or replace a cluster head. Despite different heuristic approaches that have been proposed, there is still room for improvement. This study proposes a detection system that can run either as host- or as cluster-based to detect routing misbehavior attacks. The detection runs on a dataset built using the proposed routing-information-sharing algorithms. The detection system learns from shared routing information and uses supervised learning, when previous network status or an exploratory network is available, to train the model, or it uses unsupervised learning.

CHAPTER ONE

1.0 INTRODUCTION

1.1 BACKGROUND OF THE STUDY

Wireless networks have come to be used in various aspects of our life. A well-known example is their use by the army in battlefield scenarios. Recovery operations in cases of disasters such as hurricanes, floods, terrorist attack etc are also facilitated very much on account of the use of ad hoc networks for communications amongst the personnel involved. This is because such situations render the existing infrastructure unusable. University campuses and conference settings also gain on account of these networks since they allow easy collaboration and efficient communication on the fly without the need for costly network infrastructure. Expectations are also high with respect to the use of these networks in places like hotels, airports etc.

Ad hoc wireless networks are infrastructureless networks where devices collaborate to exchange data in a decentralized environment built or dismantled dynamically. Ad hoc networks are also known for their dynamic topology with restrained resources, which complicates the implementation of security solutions compared to networks with an infrastructure. Applications of ad hoc networks are in critical areas such as disaster relief, military activities, remote areas, vehicular ad hoc networks, and flying ad hoc networks. Ad hoc networks have requirements to fulfill to become more reliable and realize all their potential applications. Among different requirements, ad hoc networks need to implement mechanisms to detect, prevent, and mitigate security issues because they are critical to mission-critical networks where a single failure leads to unwanted consequences. In general, wireless networks are vulnerable to attacks such as jamming or spoofing. It is worse in ad hoc networks due to their properties because their routing protocols were initially designed without considering security factors.

But a vital problem that must be solved in order to realize these applications of ad hoc networks is that concerning the security aspects of such networks. We believe that solving these problems combined with the widespread availability of devices such as PDAs, laptops, small fixtures on buildings and cellular phones will ensure that ad hoc networks will become an indispensable part of our life.

Several studies on security mechanisms in wireless networks have dealt with different types of attacks; hence, this paper focuses on detecting routing misbehavior attacks in ad hoc wireless networks. Several techniques may be applied to achieve a detection system for routing misbehavior attacks. Such techniques include the use of threshold values, statistical analysis, finite state machine (FSM), rule- and signature-based schemes, machine learning (ML) models, and cryptography. Ad hoc networks can either be standalone networks or peripheral networks connected, for instance, to a wired local area network or to the Internet.

Ad hoc networks being spontaneous and mobile, their conﬁguration should be done with as little user intervention as possible and the nodes should be able to rely on an adapted routing algorithm to exchange information across the network. Furthermore, ad hoc networks should oﬀer the necessary security level for user applications.

Due to the lack of an underlying infrastructure, basic functionalities, such as routing, conﬁguration of the hosts or security management cannot rely on predeﬁned or centralised entities to operate, and must be carried out in a distributed manner. For instance, in the case of security, the nodes cannot rely on network architecture based defense techniques such as centralised ﬁrewalls. Each node thus becomes a point of vulnerability and must assume, by itself, it’s own security.

Routing and auto conﬁguration are two ﬁelds closely examined by the manet (mobile ad hoc networking), zeroconf (zero conﬁguration networking), and ipng (IP next generation), but, research concerning the security aspects of these mechanisms still seems to be immature.

Security requirements in wireless networks are nonetheless identical to those in wired networks and ad hoc networks should oﬀer mechanisms to achieve the following security services: Authentication, access-control, conﬁdentiality, integrity and non-repudiation.

This paper focuses on the speciﬁc security requirements of such new generation spontaneous IP networks and shows how an adapted intrusion detection mechanism can be implemented to increase their security.

1.2 PROBLEM STATEMENT

Ad hoc networks, as the name suggests, have no supporting infrastructure. Ad hoc networks are comprised of a dynamic set of cooperating peers, which share their wireless capabilities with other similar devices to enable communication with devices not in direct radio-range of each other, effectively relaying messages on behalf of others. Conventional methods of identification and authentication are not available, since the availability of a Certificate Authority or a Key Distribution Center cannot be assumed. Consequently, mobile device identities or their intentions cannot be predetermined or verified. Several routing protocols for ad-hoc networks have been proposed like DSDV, DSR, AODV, TORA etc. A majority of these protocols assume a trustworthy collaboration among participating devices that are expected to abide by a “code-of-conduct”. Herein lie several security threats, some arising from shortcomings in the protocols, and others from the lack of conventional identification and authentication mechanisms. These inherent properties of ad hoc networks make them vulnerable, and malicious nodes can exploit these vulnerabilities to launch various kinds of at- tacks. To protect the individual nodes and defend the Mobile Ad Hoc Network (MANET) from malicious attacks, intrusion detection and response mechanisms are needed.

1.3 OBJECTIVE OF THE STUDY

The main aim of an intruder in any network is to have malicious packets delivered to the endpoint of interest resulting in harm to the endpoint. The intrusion detection system tries to detect the occurrence of these packets while in transit between the intruder and the endpoint of interest so as to take proper corrective action. It is here that the routing protocols will have an effect on the intrusion detection capabilities of the network. The objectives of this study are:

To free the network from malicious intruder
To protect the individual nodes and defend the Ad Hoc Network

To have a reliable Ad Hoc Network

1.4 SIGNIFICANCE OF THE STUDY

Protecting ad-hoc networks needs to be a multi-pronged strategy. Intrusion prevention in the form of strong identification and authentication mechanisms alone are not sufficient. A malicious intruder can still launch attacks from both outside and inside the network environment that can weaken and compromise the network integrity resulting in serious consequences. For example, attacks could be in the form of jamming the network nodes so as to prevent them from communicating with each other, draining the batteries of a good node by transmitting irrelevant (junk) packets to it continuously, launching attacks such as TCP SYN-FIN, teardrop, ping-of-death etc resulting in a denial of service. Hence, it is necessary to also focus on the design of efficient intrusion detection mechanisms.

1.5 SCOPE OF THE STUDY

Intrusion detection is normally done by comparing the actual behavior of the system with the normal behavior of the system in the absence of any intrusions. Thus, a basic assumption is that the normal and abnormal behaviors of the system can be characterized.

1.6 LIMITATION OF STUDY

As we all know that no human effort to achieve a set of goals goes without difficulties, certain constraints were encountered in the course of carrying out this project and they are as follows:-

Difficulty in information collection: I found it too difficult in laying hands of useful information regarding this work and this course me to visit different libraries and internet for solution.

Financial Constraint: Insufficient fund tends to impede the efficiency of the researcher in sourcing for the relevant materials, literature or information and in the process of data collection (internet).

Time Constraint: The researcher will simultaneously engage in this study with other academic work. This consequently will cut down on the time devoted for the research work.

1.7 RESEARCH METHODOLOGY

In the course of carrying this study, numerous sources were used which most of them are by visiting libraries, consulting journal and news papers and online research which Google was the major source that was used.

1.8 PROJECT ORGANISATION

The work is organized as follows: chapter one discuses the introductory part of the work, chapter two presents the literature review of the study, chapter three describes the methods applied, chapter four discusses the results of the work, chapter five summarizes the research outcomes and the recommendations.