Académique Documents
Professionnel Documents
Culture Documents
(2003) 116 1
Intrusion Detection Techniques for Mobile Wireless Networks
Yongguang Zhang
HRL Laboratories LLC, Malibu, California
E-mail: ygz@hrl.com
Wenke Lee
College of Computing, Georgia Institute of Technology
E-mail: wenke@cc.gatech.edu
Yi-An Huang
College of Computing, Georgia Institute of Technology
E-mail: yian@cc.gatech.edu
The rapid proliferation of wireless networks and mobile computing applications has changed the landscape of network
security. The traditional way of protecting networks with rewalls and encryption software is no longer sucient and
eective. We need to search for new architecture and mechanisms to protect the wireless networks and mobile computing
application.
In this paper, we examine the vulnerabilities of wireless networks and argue that we must include intrusion detection
in the security architecture for mobile computing environment. We have developed such an architecture and evaluated
a key mechanism in this architecture, anomaly detection for mobile ad-hoc network, through simulation experiments.
Keywords: intrusion detection, intrusion response, cooperative detection, anomaly detection, mobile ad-hoc networks.
1. Introduction
The rapid proliferation of wireless networks and mo-
bile computing applications has changed the landscape
of network security. The nature of mobility creates new
vulnerabilities that do not exist in a xed wired net-
work, and yet many of the proven security measures
turn out to be ineective. Therefore, the traditional
way of protecting networks with rewalls and encryp-
tion software is no longer sucient. We need to develop
new architecture and mechanisms to protect the wire-
less networks and mobile computing applications.
The implication of mobile computing on network se-
curity research can be further demonstrated by the fol-
low case. Recently (Summer 2001) an Internet worm
called Code Red has spread rapidly to infect many of the
Windows-based server machines. To prevent this type
of worm attacks from spreading into intranets, many