BHIDS: a new, cluster based algorithm for black hole IDS

Mobile ad hoc networks (MANET) are highly vulnerable to attacks due to multiple factors including the open medium, dynamically changing network topology, cooperative algorithms, and lack of centralized monitoring. Besides slowing down the network, the traditional way of using firewalls and cryptography often fails to detect different types of attacks. The lack of infrastructures in MANETs makes the detection and control of security hazards all the more difficult. In this paper, we present a new, cluster based Black Hole Intrusion Detection System (BHIDS) for mobile, ad hoc networks. The features that are considered for BHIDS include mobility of nodes, variation in number of attacking nodes, packet delivery rate, density of the network, etc. The nodes in the network form a two‐layered cluster. This helps splitting the processing and communication overhead between the cluster heads at Layer 1 and 2. The proposed IDS algorithm has been tested on a simulated network using the NS simulator. The performance graphs show marked improvement as far as packet dropping is concerned. Copyright © 2009 John Wiley & Sons, Ltd. The paper presents a new intrusion detection algorithm BHIDS to detect black hole attacks for a two layered hierarchical cluster of mobile nodes forming ad hoc network.