Cross-layer based multiclass intrusion detection system for secure multicast communication of MANET in military networks

摘要

Multicast communication of mobile ad hoc networks (MANET), rather than multiple unicast communication, delivers common content to more than one receiver at a time. Due to cutting-edge communication technology and advancements in terms of radio-mounted devices, groups in front-end war field, as well as rescue troops, are well connected to carry out their missions using multicast communication. The key to the success of military networks in a hostile environment is security and collaboration. Internal attacks are major threats to impose a great failure in their mission goal. We introduce a novel indirect internal stealthy attack and known direct internal stealthy attacks such as black hole and deny-to-forward attacks on tree-based multicast routing protocol. These internal attacks can induce the performance degradation in the multicast group. We design a distributed cross-layer based machine learning anomaly detection system for multicast communication of MANET. Using efficient multilayer features, rather than routing layer features alone, improve the accuracy of the Intrusion Detection System (IDS) in terms of detection of direct and indirect internal stealthy attacks. We evaluate the sensitivity, specificity and detection accuracy of well-known multiclass classifiers in combination with various feature subset selection algorithms. Since our problem with classification is a multiclass, the performance metrics calculated here are different from the binary classifiers. Our IDS is efficient, with respect to high true positives, very low false positives and less resource consumption even in the very challenging conditions of multicast communication of ad hoc networks.