A Collaborated Rule-based Classifier for Malicious Node Detection in MANET

D. Shona and Dr.M. Senthil Kumar

Mobile Ad hoc Networks (MANETs) are vulnerable to several kinds of attacks because of its characteristics like dynamic nature and lack of a central point of control. Each type of attack required a specific mechanism to detect and prevent it. It is more complex to detect and prevent different individual attacks using different individual mechanisms. So a common mechanism is required to detect different types of attacks in a network. In this paper, an efficient method called as Collaborated Malicious Node Detection (CMND) is proposed to detect the different types attacks such as black hole attack, gray hole attack, wormhole attack and flooding attacks in a network. A Trust point node, observer node, and source node based black hole attack detection (TOBSA) mechanism is proposed where a node which has high connectivity degree and residual energy is selected as a trust point node. The trust point node considers the sequence number of route reply (RREP) to detect the black hole attack in the network. An Enhanced Gray hole- Intrusion Detection System (EG-IDS) is proposed to detect the gray hole attack where a Bayesian Bernoulli behavior classifier is used to evaluate the probability of maliciousness of the node. If it is high for a particular time period, then that node is broadcast as attacker node. An Enhanced Wormhole attack Detection (EWD) mechanism is proposed to detect wormhole attack in the network which calculates a suspicious value of each node based on bandwidth, residual energy, traffic, hop count and Round Trip Time (RRT). Based on the suspicious value of each node, wormhole attack is detected by EWD mechanism. A Security upgraded Trust based Flooding Attack Detection (ST-FAD) mechanism is proposed to detect the flooding attack in the network. ST-FAD uses balance index which is obtained by the combination of mean the number of RREQ and standard deviation the number of RREQ. Assign trust values to each node based on the balanced index of that node and their neighboring nodes. Based on the trust value, the attacker node in the network is detected and then drops packets. The information obtained from each mechanism such as node id, pop-length, total number of packet forwarded and received, total number of packet drop, total number of packets in communication, mean received signal strength and standard deviation is trained by Replicator Neural Network with Decision tree (RNTREE) which generates rules for detection of malicious nodes. Based on the rules, different types of attacks in a network are detected effectively. The experimental results prove the effectiveness of the proposed CMND method in terms of accuracy, precision, throughput, and Packet Delivery Ratio.

Volume 11 | 06-Special Issue

Pages: 32-48