An Intrusion Prevention Mechanism in Mobile Ad Hoc Networks
Ping Yi, Ting Zhu, Jianqing Ma and Yue Wu

Mobile ad hoc networks (MANETs) are vulnerable to attacks owing to their dynamically changing topology and unreliable wireless communication. Intrusion detection systems (IDSs) are important in MANETs for effectively identifying an intruder. Once an intruder is identified, the IDS may broadcast a blacklist to all nodes in the network. This method is simple, but it may exhaust communication bandwidth and node resources, especially when the network contains a large number of nodes. In this paper, we develop an intrusion prevention mechanism for MANETs called the mobile firewall. It can isolate an intruder with less overhead, and it can track the intruder to continually prevent the attack. We analyze the overhead cost of the mobile firewall and compare it with the flooding broadcast method. Simulations show that our method prevents the intruder effectively and incurs less communication overhead.

