Applying mobile agent to intrusion response for ad hoc networks

Abstract

Mobile ad hoc networking offers convenient infrastructureless communication over the shared wireless channel. However, the nature of ad hoc networks makes them vulnerable to security attacks. Existing security technologies such as intrusion prevention and intrusion detection are passive in response to intrusions in that their countermeasures are only to protect the networks and there is no automated, network-wide counteraction against detected intrusions. While they all play an important role in counteracting intrusion, they do not, however, effectively address the root cause of the problem - intruders. In this paper, we propose the architecture of automated intrusion response. When an intruder is found in our architecture, the block agents will get to the neighbor nodes of the intruder and formed the mobile firewall to isolate the intruder. © Springer-Verlag Berlin Heidelberg 2005.