Use this URL to cite or link to this record in EThOS:
Title: Decentralised soft-security in distributed systems
Author: Kiddie, Paul David
ISNI:       0000 0004 2703 8615
Awarding Body: University of Birmingham
Current Institution: University of Birmingham
Date of Award: 2011
Availability of Full Text:
Access from EThOS:
Access from Institution:
Existing approaches to intrusion detection in imperfect wireless environments employ local monitoring, but are limited by their failure to reason about the imprecise monitoring within a radio environment that arises from unidirectional links and collisions. This compounds the challenge of detecting subtle behaviour or adds to uncertainty in the detection strategies employed. A simulation platform was developed, based on the Jist/SWANS environment, adopting a robust methodology that employed Monte-Carlo sampling in order to evaluate intrusion detection systems (IDS). A framework for simulating adversaries was developed, which enabled wormholes, black holes, selfishness, flooding and data modification to be simulated as well as a random distribution thereof. A game theoretic inspired IDS, sIDS, was developed, which applied reasoning between the detection and response components of a typical IDS, to apply more appropriate local responses. The implementation of sIDS is presented within the context of a generic IDS framework for MANET. Results showed a 5-15% reduction in false response rate compared to a baseline IDS over a number of attacking scenarios. sIDS was extended with immune system inspired features, namely a response over multiple timescales, as employed by the innate and adaptive components of the immune system, and the recruitment of neighbouring agents to participate in a co-ordinated response to an intrusion. Results showed a true response rate of 95-100% for all simulated attack scenarios. For random misbehaviour and assisted black hole scenarios, PDR gains of up to 30% and 15% were observed respectively compared to the pure game theoretic approach, tracking the omniscient network performance in these scenarios. In all, this study has shown that applying game theoretic reasoning to existing detection methods results in better discrimination of benign nodes from adversaries, which can be used to bias network operation towards the benign nodes. When fused with immune system inspired features, the resulting IDS maintained this discrimination whilst substantially reducing attack efficacy.
Supervisor: Not available Sponsor: EPSRC
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID:  DOI: Not available
Keywords: TK Electrical engineering. Electronics Nuclear engineering