تشخيص ناهنجاري در شبکههاي اقتضايي مبتني بر خوشه با روش رأيگيري فازي
الموضوعات :محمد رحمانيمنش 1 , سعيد جليلي 2
1 - دانشگاه تربيت مدرس
2 - دانشگاه تربيت مدرس
الکلمات المفتاحية: شبکه اقتضايي تشخيص ناهنجاري تحليل پروتکل AODV تحليل حمله ترکيب دستهبندهاي تککلاسي رأيگيري فازي,
ملخص المقالة :
در اين مقاله روشي براي تشخيص و تحليل حمله در شبکه اقتضايي با ساختار مبتني بر خوشه و با پروتکل مسيريابي AODV پيشنهاد ميشود. براي توصيف رفتار پروتکل AODV، ابتدا تعدادي خصيصه با رويکردي مبتني بر تحليل مرحله به مرحله ويژگيها و رفتار پروتکل AODV تعريف ميشود. آنگاه براي تشخيص حمله، از رويکرد تشخيص ناهنجاري استفاده ميشود و رفتار عادي پروتکل AODV با استفاده از خصيصههاي تعريفشده و بر اساس مدل بهدست آمده از ترکيب دستهبندهاي تککلاسي SVDD، MoG و SOM يادگيري ميشود و نظر هر گره بر مبناي مدل ترکيبي بهدست آمده شکل ميگيرد. نظرات گرهها در فرايند تشخيص ناهنجاري مرتباً به گرههاي سرخوشه فرستاده ميشود تا تشخيص نهايي در آن گرهها انجام شود. در روش پيشنهادي، براي ترکيب نتايج دستهبندهاي تککلاسي در هر گره و براي تجميع نظرات ارسالي از گرههاي هر خوشه در گره سرخوشه، روشي فازي ارائه ميشود که موجب ميشود کارايي روش پيشنهادي در تشخيص حملههاي سياهچاله، سوراخ کرم، تکرار بستهها، عجول و جعل بستههاي RouteError به مقدار قابل توجهي ارتقا يابد. در اين مقاله همچنين يک روش تحليل حمله بر مبناي رتبهبندي اثرپذيري خصيصهها پيشنهاد ميشود که مشخص ميکند هر کدام از اين حملهها چه بخشهايي از ويژگيها و رفتار پروتکل AODV را بيشتر تحت تأثير قرار ميدهند. اين تحليل در هنگام کارکرد شبکه ميتواند منجر به تشخيص نوع حملهاي که در شبکه در حال اعمال است، شود.
[1] C. Perkins and E. Royer, "Ad hoc on demand distance vector routing," in Proc. of the 2nd IEEE Workshop on Mobile Computing Systems and Applications, WMCSA 99, pp. 90-100, Feb. 1999.
[2] C. Perkins, E. Royer, and S. Das, "Ad hoc on demand distance vector routing," IETF RFC 3561, Jul. 2003.
[3] N. Vapnik, Statistical Learning Theory, John Wiley and Sons, 1998.
[4] D. M. J. Tax, One - Class Classification, Ph. D. Dissertation, Delft University of Technology, 2001.
[5] C. Bishop, Neural Networks for Pattern Recognition, Oxford University Press, 1995.
[6] T. Kohonen, Self - Organizing Maps, Springer-Verlag, Third Edition, 2001.
[7] Y. Huang, W. Fan, W. Lee, and P. Yu, "Cross - feature analysis for detecting ad hoc routing anomalies," in Proc. of the 23rd Int. Conf. on Distributed Computing Systems, ICDCS 03, pp. 478-487, May 2003.
[8] J. R. Quinlan, C4.5: Programs for Machine Learning, Morgan Kaufmann Publishers, 1993.
[9] W. W. Cohen, "Fast effective rule induction," in Proc. of 12th Int. Conf. on Machine Learning, pp. 115-123, Jul. 1995.
[10] E. Alpaydin, Introduction to Machine Learning, MIT Press, 2004.
[11] H. Nakayama, S. Kurosawa, A. Jamalipour, Y. Nemoto, and N. Kato, "A dynamic anomaly detection scheme for AODV - based mobile ad hoc networks," IEEE Trans. on Vehicular Technology, vol. 58, no. 5, pp. 2471-2481, Jun. 2009.
[12] S. Kurosawa, H. Nakayama, N. Kato, A. Jamalipour, and Y. Nemoto, "A self - adaptive intrusion detection method for AODV - based mobile ad hoc networks," in Proc. of IEEE Int. Conf. on Mobile Ad Hoc and Sensor Systems, pp. 773-780, Nov. 2005.
[13] J. B. D. Cabrera, C. Gutierrez, and R. K. Mehra, "Infrastructures and algorithms for distributed anomaly - based intrusion detection in mobile ad hoc networks," in Proc. of IEEE Military Communications Conf., MILCOM 05, vol. 3, pp. 1831-1837, Oct. 2005.
[14] J. B. D. Cabrera, C. Gutierrez, and R. K. Mehra, "Ensemble methods for anomaly detection and distributed intrusion detection in mobile ad hoc networks," Information Fusion, vol. 9, no. 1, pp. 96-119, Jan. 2008.
[15] W. Chen, N. Jain, and S. Singh, "ANMP: ad hoc network management protocol," IEEE J. on Selected Areas in Communications, vol. 17, no. 8, pp. 1506-1531, Aug. 1999.
[16] Y. Zhang and W. Lee, "Intrusion detection in wireless ad hoc networks," in Proc. of 6th Annual Int. Conf. on Mobile Computing and Networking, pp. 275-283, Boston, Aug. 2000.
[17] Y. Zhang, W. Lee, and Y. Huang, "Intrusion detection techniques for mobile wireless networks," ACM Wireless Networks, vol. 9, no. 5, pp. 545-556, Sep. 2003.
[18] H. Deng, Q. A. Zeng, and D. P. Agrawal, "SVM - based intrusion detection system for wireless ad hoc networks," in Proc. of IEEE Vehicular Technology Conf., vol. 3, pp. 2147-2151, Oct. 2003.
[19] H. Deng, R. Xu, J. Li, F. Zhang, R. Levy, and W. Lee, "Agent - based cooperative anomaly detection for wireless ad hoc networks," in Proc. of the 12th Int. Conf. on Parallel and Distributed Systems, ICPADS 06, vol. 1, Jul. 2006.
[20] T. M. Cover and P. E. Hart, "Nearest neighbor pattern classification," IEEE Trans. on Information Theory, vol. 13, no. 1, pp. 21-27, Jan. 1967.
[21] T. Avram, S. Oh, and S. Hariri, "Analyzing attacks in wireless ad hoc network with self - organizing maps," in Proc. of Fifth Annual Conf. on Communication Networks and Services Research, CNSR'07, pp. 166-175, May 2007.
[22] Y. A. Huang and W. Lee, "Attack analysis and detection for ad hoc routing protocols," in Proc. of Recent Advances in Intrusion Detection, pp. 125-145, Sep. 2004.
[23] I. Aad, J. Hubaux, and E. W. Knightly, "Impact of denial of service attacks on ad hoc networks," IEEE/ACM Trans. on Networking, vol. 16, no. 4, pp. 791-802, Aug. 2008.
[24] F. Xing and W. Wang, "Understanding dynamic denial of service attacks in mobile ad hoc networks," in IEEE Military Communication Conf., MILCOM'06, 7 pp., Oct. 2006.
[25] Y. Hu, A. Perrig, and D. Johnson, "Wormhole attacks in wireless networks," IEEE J. on Selected Areas in Communications, vol. 24, no. 2, pp. 370-380, Feb. 2006.
[26] Y. C. Hu, A. Perrig, and D. B. Johnson, "Rushing attacks and defense in wireless ad hoc network routing protocols," in Proc. of ACM Workshop Wireless Security, WiSe'03, pp 30-40, Sep. 2003.
[27] L. I. Kuncheva, Combining Pattern Classifiers, Methods, and Algorithms, John Wiley and Sons, 2004.
[28] D. M. J. Tax, M. V. Breukelen, R. P. W. D. Duin, and J. Kittler, "Combining multiple classifiers by averaging or by multiplying?," Pattern Recognition, vol. 33, no. 9, pp. 1475-1485, Sep. 2000.
[29] Z. Chen, Consensus in Group Decision Making Under Linguistic Assessments, Ph. D. Dissertation, Kansas State University, 2005.
[30] F. Herrera, E. Herrera - Viedma, and J. L. Verdegay, "Direct approach processes in group decision making using linguistic OWA operators," Fuzzy Sets and Systems, vol. 79, no. 2, pp. 175-190, Apr. 1996.
[31] R. R. Yager, "On ordered weighted averaging aggregation operators in multi-criteria decision making," IEEE Trans. on Systems, Man and Cybernetics, vol. 18, no. 1, pp. 183-190, Jan./Feb. 1988.
[32] H. Chen and L. Zhou, "An approach to group decision making with interval fuzzy preference relations based on induced generalized continuous ordered weighted averaging operator," Expert Systems with Applications, vol. 38, no. 10, pp. 13432-13440, Sep. 2011.
[33] M. Dursun, E. E. Karsak, and M. A. Karadayi, "A fuzzy multi-criteria group decision making framework for evaluating health - care waste disposal alternatives," Expert Systems with Applications, vol. 38, no. 9, pp. 11453-11462, Sep. 2011.
[34] J. M. Merigo and A. M. Gil-Lafuente, "Fuzzy induced generalized aggregation operators and its application in multi - person decision making," Expert Systems with Applications, vol. 38, no. 8, pp. 9761-9772, Aug. 2011.
[35] J. Y. Yu and P. H. J. Chong, "A survey of clustering schemes for mobile ad hoc networks," IEEE Communications Surveys & Tutorials, vol. 7, no. 1, pp. 32-48, First Quarter 2005.
[36] J. Wu et al., "On calculating power - aware connected dominating sets for efficient routing in ad hoc wireless networks," International J. of Communication Networks and Distributed Systems, vol. 4, no. 1, pp. 59-70, Mar. 2002.
[37] T. C. Hou and T. J. Tsai, "An access - based clustering protocol for multi - hop wireless ad hoc networks," IEEE J. on Selected Areas in Communications, vol. 19, no. 7, pp. 1201-1210, Jul. 2001.
[38] V. S. Anitha and M. P. Sebastian, "(k, r) - dominating set - based, weighted and adaptive clustering algorithms for mobile ad hoc networks," IET Communications, vol. 5, no. 13, pp. 1836-1853, Sep. 2011.
[39] J. A. Torkestani and M. R. Meybodi, "Clustering the wireless ad hoc networks: a distributed learning automata approach," J. of Parallel and Distributed Computing, vol. 70, no. 4, pp. 394-405, Apr. 2010.
[40] K. Bhargavan, C. A. Gunter, M. Kim, I. Lee, D. Obradovic, O. Sokolsky, and M. Viswanathan, "Verisim: formal analysis of network simulations," IEEE Trans. on Software Engineering, vol. 28, no. 2, pp. 129-145, Feb. 2002.
[41] R. Perdisci, D. Ariu, P. Fogla, G. Giacinto, and W. Lee, "McPAD : a multiple classifier system for accurate payload - based anomaly detection," Computer Networks, Special Issue on Traffic Classification and Its Applications to Modern Networks, vol. 53, no. 6, pp. 864-881, Apr. 2009.
[42] G. Giacinto, R. Perdisci, M. Del Rio, and F. Roli, "Intrusion detection in computer networks by a modular ensemble of one - class classifiers," Information Fusion, Special Issue on Applications of Ensemble Methods, vol. 9, no. 1, pp. 69-82, Jan. 2008.
[43] NS-2 (Network Simulator Version 2), URL: http://www.isi.edu/nsnam/ns/ns-documentation, Jan. 2010.
[44] A. J. Dobson and A. G. Barnett, An Introduction to Generalized Linear Models, Chapman and Hall, 3rd Edition, 2008.