doi: 10.17586/2226-1494-2022-22-4-699-707


Development of a model for detecting network traffic anomalies in distributed wireless ad hoc networks

L. V. Legashev, L. S. Grishina, D. I. Parfenov, A. Y. Zhigalov


Article in Russian

For citation:
Legashev L.V., Grishina L.S., Parfenov D.I., Zhigalov A.Yu. Development of a model for detecting network traffic anomalies in distributed wireless ad hoc networks. Scientific and Technical Journal of Information Technologies, Mechanics and Optics, 2022, vol. 22, no. 4, pp. 699–707 (in Russian). doi: 10.17586/2226-1494-2022-22-4-699-707


Abstract
Mobile ad hoc networks are a promising direction in edge computing technology and are used in various applications, in particular in the development of intelligent transport systems. A distinguishing feature of mobile ad hoc networks is their constantly changing network topology, which makes it necessary to use reactive routing protocols when transmitting packets between nodes. Mobile ad hoc networks are vulnerable to cyber-attacks, so measures are needed to identify network threats and to develop rules for responding to them based on machine learning models. The subject of this study is the development of a dynamic model for detecting network traffic anomalies in wireless distributed ad hoc networks. Data mining and machine learning methods and algorithms were applied. The proposed approach to traffic monitoring in wireless distributed ad hoc networks consists of two stages: an initial traffic analysis to identify anomalous events, followed by an in-depth study of cybersecurity incidents to classify the type of attack. For this approach, the corresponding models are built using ensemble machine learning methods. A comparative analysis was carried out to select the most efficient machine learning algorithms and their optimal hyperparameters. The paper formalizes the traffic anomaly detection model for distributed wireless ad hoc networks, identifies the main quantitative metrics of network performance, presents a generalized algorithm for detecting traffic anomalies in mobile ad hoc networks, and reports an experimental study in which a network segment is simulated to measure performance degradation under various network attack scenarios.
Distributed denial of service attacks and cooperative blackhole attacks have the greatest negative impact on the performance of the mobile ad hoc network segment. In addition, the network simulation results were used to build a machine learning model to detect anomalies and classify attack types. The comparative analysis of machine learning algorithms showed that LightGBM is the most effective method, detecting network traffic anomalies with an accuracy of 91 % and determining the type of attack being carried out with an accuracy of 90 %. The proposed approach, which detects network anomalies using trained traffic analysis models, makes it possible to identify the considered types of attacks in a timely manner. Future work will consider new network attack scenarios and online additional training of the constructed identification models. The developed software tool for detecting network traffic anomalies in distributed mobile ad hoc networks can be used for any type of wireless ad hoc network.

Keywords: mobile ad hoc networks, performance metrics, intrusion detection system

Acknowledgements. The research was funded by a grant from the President of the Russian Federation for state support of young Russian scientists (MK-2959.2021.1.6).




This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License