Published online by Cambridge University Press: 26 February 2010
Intrusion detection has, over the last few years, assumed paramount importance within the broad realm of network security; more so in the case of wireless ad hoc networks. These are networks that do not have an underlying infrastructure and whose topology is constantly changing. The inherently vulnerable characteristics of wireless ad hoc networks make them susceptible to attacks, and countering attacks might end up being too little, too late. Secondly, with so much advancement in hacking, if attackers try hard enough, they will eventually succeed in infiltrating the system. This makes it important to monitor constantly (or at least periodically) what is taking place on a system and look for suspicious behavior. Intrusion detection systems (IDSs) do just that: monitor audit data, look for intrusions to the system, and initiate a proper response (e.g., email the systems administrator or start an automatic retaliation). As such, there is a need to complement traditional security mechanisms with efficient intrusion detection and response. This chapter discusses the problem of intrusion detection in mobile ad hoc networks and presents the solutions that have been proposed so far.
Wireless ad hoc networks have been in focus within the wireless research community. Essentially, these are networks that do not have an underlying fixed infrastructure. Mobile hosts “join” in, on the fly, and create a network on their own. With the network topology changing dynamically and the lack of a centralized network management functionality, these networks tend to be vulnerable to a number of attacks.