Use this URL to cite or link to this record in EThOS:
Title: Evolutionary computation techniques for intrusion detection in mobile ad hoc networks
Author: Sen, Sevil
ISNI:       0000 0004 2703 8770
Awarding Body: University of York
Current Institution: University of York
Date of Award: 2010
Availability of Full Text:
Access from EThOS:
Access from Institution:
Mobile ad hoc networks (MANETs) are one of the fastest growing areas of research. By providing communications in the absence of a fixed infrastructure MANETs are an attractive technology for many applications. However, this flexibility introduces new security threats. Furthermore the traditional way of protecting networks is not directy applicable to MANETs. Many conventional security solutions are ineffective and inefficient for the highly dynamic and resource-constrained environments where MANET use might be expected. Since prevention techniques are never enough, intrusion detection systems (IDSs), which monitor system activities and detect intrusions, are generally used to complement other security mechanisms. %due to the dynamic nature %of MANETs, the lack of central points, and their highly constrained nodes. How to detect intrusions effectively and efficiently on this highly dynamic, distributed and resource-constrained environment is a challenging research problem. In the presence of these complicating factors humans are not particularly adept at making good design choices. That is the reason we propose to use techniques from artificial intelligence to help with this task. We investigate the use of evolutionary computation techniques for synthesising intrusion detection programs on MANETs. We evolve programs to detect the following attacks against MANETs: ad hoc flooding, route disruption, and dropping attacks. The performance of evolved programs is evaluated on simulated networks. The results are also compared with hand-coded programs. A good IDS on MANETs should also consider the resource constraints of the MANET environments. Power is one of the critical resources. Therefore we apply multi-objective optimization techniques (MOO) to discover trade-offs between intrusion detection ability and energy consumption of programs, and optimise these objectives simultaneously. We also investigate a suitable IDS architecture for MANETs in this thesis. Different programs are evolved for two architectures: local and cooperative detection in neighbourhood. Optimal trade-offs between intrusion detection ability and resource usage (energy, bandwidth) of evolved programs are also discovered using MOO techniques.
Supervisor: Clark, John A. Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID:  DOI: Not available