A real time communication network having the open access features also suffers from various intruders. These intruders steal the communication information, disrupt the data or slow down the transmission. In this paper, a dynamic signature and parameter map based model is presented for intrusion detection. At earlier stage of this model, the log-event table map is performed to verify the authenticity of node. At this stage, the prevention from any external node is done under activity monitoring. In final stage, the communication observation under multiple parameters is done to identify the intrusion. The query pattern observation is applied in this stage to identify the attacked node and pattern. The proposed work model is simulated in NS2 environment with multiple query patterns. The observations show that the model has identified various attack patterns significantly.

Signature, Query Pattern, Intrusion Detection, Activity Monitoring

[1] Axel Krings," Neighborhood Monitoring in Ad Hoc Networks", CSIIRW ’10, April 21-23, 2010, Oak Ridge, Tennessee, USA ACM 978-1-4503-0017-9
[2 Ying Li," Component-Based Track Inspection Using Machine-Vision Technology", ICMR’11, April 17-20, 2011, Trento, Italy ACM 978-1-4503-0336-1/11/04
[3] Bogdan Carbunar," JANUS: Towards Robust and Malicious Resilient Routing in Hybrid Wireless Networks", WiSe’04, October 1, 2004, Philadelphia, Pennsylvania, USA. ACM 1-58113-925-X/04/0010
[4] Johann Schlamp," How to Prevent AS Hijacking Attacks", CoNEXT Student’12, December 10, 2012, Nice, France. ACM 978-1-4503-1779-5/12/12
[5] Joshua Goodman," Stopping Outgoing Spam", EC’04, May 17–20, 2004, New York, New York, USA. ACM 1-58113-711-0/04/0005
[6] Danny Dhillon," Implementation & Evaluation of an IDS to Safeguard OLSR Integrity in MANETs", IWCMC’06, July 3–6, 2006, Vancouver, British Columbia, Canada. ACM 1-59593-306-9/06/0007
[7] Ahmed Khurshid," VeriFlow: Verifying Network-Wide Invariants in Real Time", HotSDN’12, August 13, 2012, Helsinki, Finland. ACM 978-1-4503-1477-0/12/08
[8] Evan Cooke," Toward Understanding Distributed Blackhole Placement", WORM’04, October 29, 2004, Washington, DC, USA. ACM 1-58113-970-5/04/0010
[9] Umair Sadiq," CRISP: Collusion–Resistant Incentive–Compatible Routing and Forwarding in Opportunistic Networks", MSWiM’12, October 21–25, 2012, Paphos, Cyprus. ACM 978-1-4503-1628-6/12/10
[10] Mauro Conti," A Randomized, Efficient, and Distributed Protocol for the Detection of Node Replication Attacks in Wireless Sensor Networks", MobiHoc’07, September 9-14, 2007, Montréal, Québec, Canada. ACM 978-1-59593-684-4/07/0009
[11] Garima Gupta," Reference based approach to Mitigate Blackhole Attacks in Delay Tolerant Networks", Q2SWinet’12, October 24–25, 2012, Paphos, Cyprus. ACM 978-1-4503-1619-4/12/10