• Jun 13, 2017 News!The submission for 2018 7th International Conference on Information and Electronics Engineering (ICIEE 2018) is officially open now !   [Click]
  • Jul 28, 2017 News!IJIEE Vol. 7, No. 4 issue has been published online!   [Click]
  • Jun 28, 2017 News!Papers published in Vol.7, No.1 have all received dois from Crossref.
General Information
Editor-in-chief

 
Faculty of Science, University of Brunei Darussalam, Brunei Darussalam   
" It is a great honor to serve as the editor-in-chief of IJIEE. I'll work together with the editorial team. Hopefully, IJIEE will be recognized among the readers in the related field."
IJIEE 2015 Vol.5(4): 245-249 ISSN: 2010-3719
DOI: 10.7763/IJIEE.2015.V5.538

A Novel Approach to Combine Misuse Detection and Anomaly Detection Using POMDP in Mobile Ad-Hoc Networks

Mohsen Imani, Mohammad Ebrahim Rajabi, Mahdi Taheri, and Majid Naderi
Abstract— Security becomes out of the main concerns in mobile ad hoc networks. Intrusion detection systems are reactive systems that act as a second wall to protect the network. Misuse detection is a technique which is used commonly by intrusion detection systems to match the attacksignature pattern in mobile ad hoc networks. Anomaly detection is another technique that is able to detect novel attacks. Both of the misuse detection and the anomaly detection techniques monitor system activities. The weak point of misuse detection is the disability in detection of unknown attacks. Anomaly detection is able to detect unknown attacks but false positive rate in anomaly detection responses is so high. Therefore in this paper we take advantages of combination schemes to overcome the shortco-ming of each technique. We propose a novel approach to combine the misuse detection with the anomaly detection optimally to save cost associated with resource constraints and security requirements. We perform the whole system as a partially observed Markov decision process considering both system security and resource constraints. We then use dynamic programming Hidden Markov Model (HMM) to share information history and scheduling. Simulation shows the efficiency of proposed scheme.

Index Terms— Component, mobile ad hoc networks, intrusion detection, misuse detection, anomaly detection.

The authors are with Cryptography and Secure Systems Lab, Iran university of Science and Technology, Tehran, Iran (e-mail: moh.imani@ieee.org, merajabi@elec.iust.ac.ir, mahdi_taheri@elec.iust.ac.ir, m_naderi@iust.ac.ir).

[PDF]

Cite: Mohsen Imani, Mohammad Ebrahim Rajabi, Mahdi Taheri, and Majid Naderi, " A Novel Approach to Combine Misuse Detection and Anomaly Detection Using POMDP in Mobile Ad-Hoc Networks," International Journal of Information and Electronics Engineering vol. 5, no. 4, pp. 245-249, 2015.

Copyright © 2008-2017. International Journal of Information and Electronics Engineering. All rights reserved.
E-mail: ijiee@ejournal.net