Abstract

Mobile ad-hoc networks (MANETs) are well known to be vulnerable to various attacks, due to features such as lack of centralized control, dynamic topology, limited physical security and energy constrained operations. In this paper we focus on preventing denial-of-service (DoS) attacks. As an example, we consider intruders that can cause DoS by exploiting the route discovery procedure of reactive routing protocols. We show the unsuitability of tools such as control chart, used in statistical process control (SPC), to detect DoS and propose an anomaly-based intrusion detection system that uses a combination of chi-square test & control chart to first detect intrusion and then identify an intruder. When the intruder is isolated from the network we show reduced overhead and increased throughput. Simulation results show that our algorithm performs well at an affordable processing overhead over the range of scenarios tested.