Energy-aware and self-adaptive anomaly detection scheme based on network tomography in mobile ad hoc networks
- 软件学院－已发表论文 
Anomaly detection is indispensable for satisfying security services in mobile ad hoc network (MANET) applications. Often, however, a highly secure mechanism consumes a large amount of network resources, resulting in network performance degradation. To shift intrusion detection from existing security-centric design approaches to network performance centric design schemes, this paper presents a framework for designing an energy-aware and self-adaptive anomaly detection scheme for resource constrained MANETs. The scheme uses network tomography, a new technique for studying internal link performance based solely on end-to-end measurements. With the support of a module comprising a novel spatial-time model to identify the MANET topology, an energy-aware algorithm to sponsor system service, a method based on the expectation maximum to infer delay distribution, and a Self-organizing Map (SOM) neural network solution to profile link activity, the proposed system is capable of detecting link anomalies and localizing malicious nodes. Consequently, the proposed scheme offers a trade-off between overall network security and network performance, without causing any heavy network overload. Moreover, it provides an additional approach to monitor the spatial-time behavior of MANETs, including network topology, link performance and network security. The effectiveness of the proposed schemes is verified through extensive experiments. (C) 2012 Elsevier Inc. All rights reserved.