| Summary: | 碩士 === 國防管理學院 === 國防資訊研究所 === 94 === Compare to wired networks and the infrastructure wireless networks, developing the intrusion detection system(IDS) in ad-hoc wireless networks(also known as MANET)is a really challenge, because of the the nature of the limited bandwidth, dynamic topology and is lack of the central control unit. Although encryption and authentication mechanism can raise the network security, but not for the attacks which caused by the compromised nodes inside, especially the network operation needs the intermediate nodes participate in and be cooperative.All nodes have to decide which one is worthy to trust. This paper induce several foreign studies related, trying to analysis, and adopt the cluster-based architecture as my theory basic. Accord to the distributed and cooperative operation in ad-hoc, the paper purpose a cluster-based IDS architecture. In the architecture model, the cluster heads receive and aggregate the alerts from other nodes, combine with the nodes’s cluster information, distinguish the trust relation between these nodes. Finally, we practice to explain this operation, and decrease false alerts to improve the efficiency.
|
|---|
