An EFSM-Based Intrusion Detection System for Ad Hoc Networks

Overview

Mobile ad hoc networks offer very interesting perspectives in wireless communications due to their easy deployment and their growing performances. However, due to their inherent characteristics of open medium, very dynamic topology, lack of infrastructure and lack of centralized management authority, MANET present serious vulnerabilities to security attacks. This paper proposes an intrusion detection scheme based on Extended Finite State Machines (EFSM). A formal specification of the correct behavior of the routing protocol is provided and by the means of a backward checking algorithm, detects run-time violations of the implementation. The paper chooses the standard proactive routing protocol OLSR as a case study and show that the approach allows to detect several kinds of attacks as well as conformance anomalies.