Military tactics in agent-based sinkhole attack detection for wireless ad hoc networks

Wireless Ad hoc Networks (WAHNs) offer a challenging environment for conventional Intrusion Detection Systems (IDSs). In particular WAHN have a dynamic topology, intermittent connectivity, resource constrained device nodes and possibly high node churn. Researchers over the past years have encouraged the use of agent-based IDS to overcome these challenges. In this work we propose the use of military tactics to optimise the operations of agent-based IDS for WAHN. We design an agent framework modeled over a military command structure and an agent behavioural model, which employs adapted military tactics to police routes, and detect intruders in the network. The tactical agents follow a risk-based approach such that the frequency of patrols is directly proportional to the risk factor of the route. Consequently, resources are conserved without impacting the effectiveness of he IDS. We demonstrate the proof of concept through a case study. In this study, we implement a simulation-based model of our solution to detect and recover from a Sinkhole attack in a Wireless Sensor Network (WSN), using the Ad hoc On Demand Distance Vector (AODV) as routing protocol. We evaluate the proof of concept in terms of the detection precision, data loss incurred from the attack and the agent overheads due to mobility and communication. (C) 2009 Elsevier B.V. All rights reserved.