View article

MOBILE AD HOC NETWORK s (MANETs) are multi-hop wireless networks of mobile nodes constructed dynamically without the use of any fixed network infrastructure. Due to inherent characteristics of these networks, malicious nodes can easily disrupt the routing process. A traditional approach to detect such malicious network activities is to build a pro le of the normal network traffic, and then identify an activity as suspicious if it deviates from this profile. As the topology of a MANET constantly changes over time, the simple use of a static pro le is not efficient. In this paper, we present a dynamic hybrid approach based on the ARTIFICIAL BEE COLONY (ABC) and NEGATIVE SELECTION (NS) algorithms, called BeeID, for INTRUSION DETECTION in AODV-based MANETs. The approach consists of three phases: training, detection, and updating. In the training phase, a niching ARTIFICIAL BEE COLONY algorithm, called NicheNABC, runs a NEGATIVE SELECTION algorithm multiple times to generate a set of mature negative detectors to cover the nonself space. In the detection phase, mature negative detectors are used to discriminate between normal and malicious network activities. In the updating phase, the set of mature negative detectors is updated by one of two methods of partial updating or total updating. We use the MONTE CARLO INTEGRATION to estimate the amount of the nonself space covered by negative detectors and to determine when the total updating should be done. We demonstrate the effectiveness of BeeID for detecting several types of ROUTING ATTACK s on AODV-based MANETs simulated using the NS2 simulator. The …