Agent Based Efficient Anomaly Intrusion Detection System In Ad Hoc Networks

Networks are protected using many firewalls and encryption software’s. But many of them are not sufficient and effective. Most intrusion detection systems for mobile ad hoc networks are focusing on either routing protocols or its efficiency, but it fails to address the security issues. Some of the nodes may be selfish, for example, by not forwarding the packets to the destination, thereby saving the battery power.

Some others may act malicious by launching security attacks like denial of service or hack the information. The ultimate goal of the security solutions for wireless networks is to provide security services, such as authentication, confidentiality, integrity, anonymity, and availability, to mobile users. This paper incorporates agents and data mining techniques to prevent anomaly intrusion in mobile adhoc networks.

Home agents present in each system collects the data from its own system and using data mining techniques to observed the local anomalies. The Mobile agents monitoring the neighboring nodes and collect the information from neighboring home agents to determine the correlation among the observed anomalous patterns before it will send the data. This system was able to stop all of the successful attacks in an adhoc networks and reduce the false alarm positives.

Existing System:

Existing methods of intrusion detection have to be modified and new methods have to be defined in order for intrusion detection to work effectively in this new network architecture. In this paper, we will first provide an introduction to wireless ad-hoc networks and thereafter an introduction to intrusion detection. We will then present various existing intrusion detection techniques that can be adapted to wireless ad-hoc networks and finally propose a hybrid intrusion detection system for wireless ad-hoc networks.

Wireless ad-hoc networks are increasingly being used in the tactical battlefield, emergency search and rescue missions, as well as civilian ad-hoc situations like conferences and classrooms due to the ease and speed in setting up such networks. As wireless ad-hoc networks have different characteristics from a wired network, the intrusion detection techniques used for wired networks may no longer be sufficient and effective when adapted directly to a wireless ad-hoc network.

Proposed System:

We proposed intrusion detection community has been deals mainly on wired networks, but it is lack of security in wireless networks. Anomaly detection and misuse detection or signature detection are the two techniques used for intrusion detection system. Anomaly detection describes the abnormal patterns of behavior, where "abnormal" patterns are defined beforehand. Misuse detection relies on the use of specifically known patterns of unauthorized behavior.

Thus these techniques rely on sniffing packets and using the sniffed packets for analysis. In order to realize these ID techniques the packets can be sniffed on each of the end hosts. This is called as host intrusion detection (HID). n detection (HID). It is also possible to sniff these packets on certain predetermined machines in the network. This is called as network intrusion detection (NID).

Mobile agents are a special type of agents defined as "processes capable of roaming through large networks such as the adhoc wireless network, interacting with machines, collecting information and returning after executing the tasks adjusted by the user". Intrusion detection is an important part of computer security. It provides an additional layer of defense against computer is use after physical, authentication and access control.

Module Description:

  • Module 1

  • In this module, we are going to connect the network .Each node is connected the neighboring node and it is independently deployed in network area. And also deploy the each port no is authorized in a node.
  • Module 2

  • In this module, browse and select the source file. And selected data is converted into fixed size of packets. And the packet is send from source to detector.
  • Module 3

  • The intrusion detection is defined as a mechanism for a WSN to detect the existence of inappropriate, incorrect, or anomalous moving attackers. In this module check whether the path is authorized or unauthorized. If path is authorized the packet is send to valid destination. Otherwise the packet will be deleted. According port no only we are going to find the path is authorized or Unauthorized.
  • Module 4

  • If the packet is received from other than the port no it will be filtered and discarded. This filter only removes the unauthorized packets and authorized packets send to destination.
  • Module 5

  • In this module, after filtering the invalid packets all the valid Packets will reach the destination.