University of Surrey

Test tubes in the lab Research in the ATI Dance Research

Applying Military Tactics to Multi-Agent Intrusion Detection in Wireless ad hoc Networks.

Stafrace, Stefan K. (2014) Applying Military Tactics to Multi-Agent Intrusion Detection in Wireless ad hoc Networks. Doctoral thesis, University of Surrey (United Kingdom)..

Available under License Creative Commons Attribution Non-commercial Share Alike.

Download (87MB) | Preview


Wireless Ad hoc Networks (WAHN) have become increasingly popular, providing the underlying communication network of nodes for deploying new technologies, such as Wireless Sensor Networks (WSN) and Vehicular Ad hoc Networks (VANET). This demand requires appropriate intrusion detection measures. WAHN offer a challenging environment for Intrusion Detection Systems (IDS). In particular WAHN have a dynamic topology, intermittent connectivity and energy constrained nodes. Researchers have sought the use of multi-agent IDS to overcome these challenges. The overall efficiency of a multi-agent IDS is dependent on the organisation and cooperation of the agents, which could influence the life expectancy of the network. It is therefore important that a balance is struck between the cost of operating the IDS and its benefits, whilst preserving the normal operation of the underlying network. This thesis proposes the novel use of techniques, tactics and procedures drawn from military doctrine to improve the efficiency of multi-agent IDS in resource constrained WAHN, such as WSN. As such the C2-IDS agent platform was designed to execute the combat functions carried out in a tactical command post. The deployed agents are grouped into tactical teams with a modular structure and hierarchical chain of command, which allows for scalability of the proposed framework. The C2-IDS framework also implements a Command and Control (C2) process that factors in operational environment variables to plan and determine the feasibility of an offensive mission to detect a malicious node. A simulation-based model of the solution under different network conditions was implemented to demonstrate how the agents behave, whilst detecting and recovering from multiple sinkhole attacks. The proof of concept was then evaluated in terms of processing (CPU) and radio energy consumed, agent communication and mobility overheads, the detection accuracy, and data loss incurred from the attack. The results demonstrated that the C2-IDS achieved improved performance in the simulated conditions with energy savings of 100 Joules per agent. These results were computed from a comparative analysis of simulation-based models, under the same simulated conditions, of (1) a defenceless WSN, and (2) a WSN with a generic multi-agent IDS devoid of any military characteristics. This also provides a benchmark of performance for comparing results of other implementations.

Item Type: Thesis (Doctoral)
Divisions : Theses
Authors : Stafrace, Stefan K.
Date : 2014
Additional Information : Thesis (Ph.D.)--University of Surrey (United Kingdom), 2014.
Depositing User : EPrints Services
Date Deposited : 14 May 2020 14:17
Last Modified : 14 May 2020 14:23

Actions (login required)

View Item View Item


Downloads per month over past year

Information about this web site

© The University of Surrey, Guildford, Surrey, GU2 7XH, United Kingdom.
+44 (0)1483 300800