Opening the Pandora's Box: Exploring the fundamental limitations of designing intrusion detection for MANET routing attacks

摘要

Intrusion detection is a critical component of the security framework in wireless ad hoc networks. However, the inherent properties of such networks such as the lack of infrastructure and the dynamic and decentralized nature make it extremely difficult to design effective Intrusion Detection Systems (IDS) for such environment. In this paper, we explore the major challenges posed by IDS design in ad hoc networks, and analyze the feasibility of implementing an intrusion detection system in an ad hoc network. Our analysis systematically focuses on all three major paradigms of IDS design, namely, logical rule-based techniques, probabilistic estimation based techniques as well as statistical classification techniques, and brings out the limitations of all three techniques. For illustrating the statistical limitations, a proactive ad hoc routing protocol, Optimized Link State Routing (OLSR) is used, and our analysis makes use of logical deduction as well as simulation of attacks on the OLSR protocol. The results dispel many popularly held assumptions in the literature.