A framework for misuse detection in ad hoc networks- part II

A framework for misuse detection in ad hoc networks- part II

We focus on detecting intrusions in ad hoc networks using the misuse detection technique. We allow for detection modules that periodically stop functioning due to operational failure or compromise by intruders. Combining theories of stochastic coverage processes and approximation algorithms, we deve...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE journal on selected areas in communications 2006-02, Vol.24 (2), p.290-304
Hauptverfasser: Subhadrabandhu, D., Sarkar, S., Anjum, F.
Format: Artikel
Sprache:eng
Schlagworte:
Ad hoc networks
Algorithm design and analysis
Algorithms
Approximation
Approximation algorithms
Counting circuits
distributed algorithms
Failure
Failure analysis
Failure rates
Intrusion
Intrusion detection
Mathematical analysis
Modules
NP-hard problem
optimization
Polynomials
resource management
site security monitoring
Stochastic processes
Strategy
Topology
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 304
container_issue 2
container_start_page 290
container_title IEEE journal on selected areas in communications
container_volume 24
creator Subhadrabandhu, D.
Sarkar, S.
Anjum, F.
description We focus on detecting intrusions in ad hoc networks using the misuse detection technique. We allow for detection modules that periodically stop functioning due to operational failure or compromise by intruders. Combining theories of stochastic coverage processes and approximation algorithms, we develop a framework to counter failure of detection modules, while minimizing the resource consumption. We show that the selection of the optimal set of nodes for executing the detection modules is an NP-hard problem. We present a distributed polynomial complexity selection algorithm that attains the best possible approximation ratio. We next consider a simple heuristic selection strategy that allows for seamless operation in time varying topologies. We obtain analytical expressions to quantify the tradeoffs between the resource consumption and detection rates attained by these algorithms. Using analysis and simulation, we identify the appropriate algorithms for different failure rates, resource limitation, and required detection rates.
doi_str_mv 10.1109/JSAC.2005.861388
format Article
fullrecord <record><control><sourceid>proquest_RIE</sourceid><recordid>TN_cdi_proquest_miscellaneous_896202223</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>1589109</ieee_id><sourcerecordid>896202223</sourcerecordid><originalsourceid>FETCH-LOGICAL-c384t-9b7faa45d85642afb65be853b302ddb87d8374226e88d270cefd0fd19b97c93f3</originalsourceid><addsrcrecordid>eNqF0c9LwzAUB_AgCs7pXfASPOip8yVp0hfwMoY_JgMP6jmkTYKdWzuTFvG_t2OC4EFP7_J5v_gScspgwhjoq4en6WzCAeQEFROIe2TEpMQMAHCfjKAQIsOCqUNylNISgOU58hG5ntIQ7dp_tPGNhjbSdZ365Knzna-6um1o3VDr6Gtb0cZ3W5YyurGxo_P5MTkIdpX8yXcdk5fbm-fZfbZ4vJvPpousEph3mS6LYG0uHUqVcxtKJUuPUpQCuHMlFg5FkXOuPKLjBVQ-OAiO6VIXlRZBjMnlbu4mtu-9T50Zrqz8amUb3_bJoFYcOOdikBd_Sq65FFLL_yECE4BqgOe_4LLtYzO8a1BJxYfNekCwQ1VsU4o-mE2s1zZ-GgZmG4_ZxmO28ZhdPEPL2a6l9t7_cIl64OILTLiJJg</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>865626209</pqid></control><display><type>article</type><title>A framework for misuse detection in ad hoc networks- part II</title><source>IEEE Xplore (Online service)</source><creator>Subhadrabandhu, D. ; Sarkar, S. ; Anjum, F.</creator><creatorcontrib>Subhadrabandhu, D. ; Sarkar, S. ; Anjum, F.</creatorcontrib><description>We focus on detecting intrusions in ad hoc networks using the misuse detection technique. We allow for detection modules that periodically stop functioning due to operational failure or compromise by intruders. Combining theories of stochastic coverage processes and approximation algorithms, we develop a framework to counter failure of detection modules, while minimizing the resource consumption. We show that the selection of the optimal set of nodes for executing the detection modules is an NP-hard problem. We present a distributed polynomial complexity selection algorithm that attains the best possible approximation ratio. We next consider a simple heuristic selection strategy that allows for seamless operation in time varying topologies. We obtain analytical expressions to quantify the tradeoffs between the resource consumption and detection rates attained by these algorithms. Using analysis and simulation, we identify the appropriate algorithms for different failure rates, resource limitation, and required detection rates.</description><identifier>ISSN: 0733-8716</identifier><identifier>EISSN: 1558-0008</identifier><identifier>DOI: 10.1109/JSAC.2005.861388</identifier><identifier>CODEN: ISACEM</identifier><language>eng</language><publisher>New York: IEEE</publisher><subject>Ad hoc networks ; Algorithm design and analysis ; Algorithms ; Approximation ; Approximation algorithms ; Counting circuits ; distributed algorithms ; Failure ; Failure analysis ; Failure rates ; Intrusion ; Intrusion detection ; Mathematical analysis ; Modules ; NP-hard problem ; optimization ; Polynomials ; resource management ; site security monitoring ; Stochastic processes ; Strategy ; Topology</subject><ispartof>IEEE journal on selected areas in communications, 2006-02, Vol.24 (2), p.290-304</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2006</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c384t-9b7faa45d85642afb65be853b302ddb87d8374226e88d270cefd0fd19b97c93f3</citedby><cites>FETCH-LOGICAL-c384t-9b7faa45d85642afb65be853b302ddb87d8374226e88d270cefd0fd19b97c93f3</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/1589109$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,780,784,796,27924,27925,54758</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/1589109$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Subhadrabandhu, D.</creatorcontrib><creatorcontrib>Sarkar, S.</creatorcontrib><creatorcontrib>Anjum, F.</creatorcontrib><title>A framework for misuse detection in ad hoc networks- part II</title><title>IEEE journal on selected areas in communications</title><addtitle>J-SAC</addtitle><description>We focus on detecting intrusions in ad hoc networks using the misuse detection technique. We allow for detection modules that periodically stop functioning due to operational failure or compromise by intruders. Combining theories of stochastic coverage processes and approximation algorithms, we develop a framework to counter failure of detection modules, while minimizing the resource consumption. We show that the selection of the optimal set of nodes for executing the detection modules is an NP-hard problem. We present a distributed polynomial complexity selection algorithm that attains the best possible approximation ratio. We next consider a simple heuristic selection strategy that allows for seamless operation in time varying topologies. We obtain analytical expressions to quantify the tradeoffs between the resource consumption and detection rates attained by these algorithms. Using analysis and simulation, we identify the appropriate algorithms for different failure rates, resource limitation, and required detection rates.</description><subject>Ad hoc networks</subject><subject>Algorithm design and analysis</subject><subject>Algorithms</subject><subject>Approximation</subject><subject>Approximation algorithms</subject><subject>Counting circuits</subject><subject>distributed algorithms</subject><subject>Failure</subject><subject>Failure analysis</subject><subject>Failure rates</subject><subject>Intrusion</subject><subject>Intrusion detection</subject><subject>Mathematical analysis</subject><subject>Modules</subject><subject>NP-hard problem</subject><subject>optimization</subject><subject>Polynomials</subject><subject>resource management</subject><subject>site security monitoring</subject><subject>Stochastic processes</subject><subject>Strategy</subject><subject>Topology</subject><issn>0733-8716</issn><issn>1558-0008</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2006</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><recordid>eNqF0c9LwzAUB_AgCs7pXfASPOip8yVp0hfwMoY_JgMP6jmkTYKdWzuTFvG_t2OC4EFP7_J5v_gScspgwhjoq4en6WzCAeQEFROIe2TEpMQMAHCfjKAQIsOCqUNylNISgOU58hG5ntIQ7dp_tPGNhjbSdZ365Knzna-6um1o3VDr6Gtb0cZ3W5YyurGxo_P5MTkIdpX8yXcdk5fbm-fZfbZ4vJvPpousEph3mS6LYG0uHUqVcxtKJUuPUpQCuHMlFg5FkXOuPKLjBVQ-OAiO6VIXlRZBjMnlbu4mtu-9T50Zrqz8amUb3_bJoFYcOOdikBd_Sq65FFLL_yECE4BqgOe_4LLtYzO8a1BJxYfNekCwQ1VsU4o-mE2s1zZ-GgZmG4_ZxmO28ZhdPEPL2a6l9t7_cIl64OILTLiJJg</recordid><startdate>20060201</startdate><enddate>20060201</enddate><creator>Subhadrabandhu, D.</creator><creator>Sarkar, S.</creator><creator>Anjum, F.</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SP</scope><scope>8FD</scope><scope>L7M</scope><scope>7TB</scope><scope>FR3</scope><scope>KR7</scope><scope>F28</scope></search><sort><creationdate>20060201</creationdate><title>A framework for misuse detection in ad hoc networks- part II</title><author>Subhadrabandhu, D. ; Sarkar, S. ; Anjum, F.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c384t-9b7faa45d85642afb65be853b302ddb87d8374226e88d270cefd0fd19b97c93f3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2006</creationdate><topic>Ad hoc networks</topic><topic>Algorithm design and analysis</topic><topic>Algorithms</topic><topic>Approximation</topic><topic>Approximation algorithms</topic><topic>Counting circuits</topic><topic>distributed algorithms</topic><topic>Failure</topic><topic>Failure analysis</topic><topic>Failure rates</topic><topic>Intrusion</topic><topic>Intrusion detection</topic><topic>Mathematical analysis</topic><topic>Modules</topic><topic>NP-hard problem</topic><topic>optimization</topic><topic>Polynomials</topic><topic>resource management</topic><topic>site security monitoring</topic><topic>Stochastic processes</topic><topic>Strategy</topic><topic>Topology</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Subhadrabandhu, D.</creatorcontrib><creatorcontrib>Sarkar, S.</creatorcontrib><creatorcontrib>Anjum, F.</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998–Present</collection><collection>IEEE Xplore (Online service)</collection><collection>CrossRef</collection><collection>Electronics &amp; Communications Abstracts</collection><collection>Technology Research Database</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Mechanical &amp; Transportation Engineering Abstracts</collection><collection>Engineering Research Database</collection><collection>Civil Engineering Abstracts</collection><collection>ANTE: Abstracts in New Technology &amp; Engineering</collection><jtitle>IEEE journal on selected areas in communications</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Subhadrabandhu, D.</au><au>Sarkar, S.</au><au>Anjum, F.</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>A framework for misuse detection in ad hoc networks- part II</atitle><jtitle>IEEE journal on selected areas in communications</jtitle><stitle>J-SAC</stitle><date>2006-02-01</date><risdate>2006</risdate><volume>24</volume><issue>2</issue><spage>290</spage><epage>304</epage><pages>290-304</pages><issn>0733-8716</issn><eissn>1558-0008</eissn><coden>ISACEM</coden><abstract>We focus on detecting intrusions in ad hoc networks using the misuse detection technique. We allow for detection modules that periodically stop functioning due to operational failure or compromise by intruders. Combining theories of stochastic coverage processes and approximation algorithms, we develop a framework to counter failure of detection modules, while minimizing the resource consumption. We show that the selection of the optimal set of nodes for executing the detection modules is an NP-hard problem. We present a distributed polynomial complexity selection algorithm that attains the best possible approximation ratio. We next consider a simple heuristic selection strategy that allows for seamless operation in time varying topologies. We obtain analytical expressions to quantify the tradeoffs between the resource consumption and detection rates attained by these algorithms. Using analysis and simulation, we identify the appropriate algorithms for different failure rates, resource limitation, and required detection rates.</abstract><cop>New York</cop><pub>IEEE</pub><doi>10.1109/JSAC.2005.861388</doi><tpages>15</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier ISSN: 0733-8716
ispartof IEEE journal on selected areas in communications, 2006-02, Vol.24 (2), p.290-304
issn 0733-8716
1558-0008
language eng
recordid cdi_proquest_miscellaneous_896202223
source IEEE Xplore (Online service)
subjects Ad hoc networks
Algorithm design and analysis
Algorithms
Approximation
Approximation algorithms
Counting circuits
distributed algorithms
Failure
Failure analysis
Failure rates
Intrusion
Intrusion detection
Mathematical analysis
Modules
NP-hard problem
optimization
Polynomials
resource management
site security monitoring
Stochastic processes
Strategy
Topology
title A framework for misuse detection in ad hoc networks- part II
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-28T08%3A26%3A37IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20framework%20for%20misuse%20detection%20in%20ad%20hoc%20networks-%20part%20II&rft.jtitle=IEEE%20journal%20on%20selected%20areas%20in%20communications&rft.au=Subhadrabandhu,%20D.&rft.date=2006-02-01&rft.volume=24&rft.issue=2&rft.spage=290&rft.epage=304&rft.pages=290-304&rft.issn=0733-8716&rft.eissn=1558-0008&rft.coden=ISACEM&rft_id=info:doi/10.1109/JSAC.2005.861388&rft_dat=%3Cproquest_RIE%3E896202223%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=865626209&rft_id=info:pmid/&rft_ieee_id=1589109&rfr_iscdi=true