Skip to main content
Log in

Machine learning for intrusion detection in MANET: a state-of-the-art survey

  • Published:
Journal of Intelligent Information Systems Aims and scope Submit manuscript

Abstract

Machine learning consists of algorithms that are first trained with reference input to “learn” its specifics and then used on unseen input for classification purposes. Mobile ad-hoc wireless networks (MANETs) have drawn much attention to research community due to their advantages and growing demand. However, they appear to be more susceptible to various attacks harming their performance than any other kind of network. Intrusion Detection Systems represent the second line of defense against malevolent behavior to MANETs, since they monitor network activities in order to detect any malicious attempt performed by intruders. Due to the inherent distributed architecture of MANET, traditional cryptography schemes cannot completely safeguard MANETs in terms of novel threats and vulnerabilities, thus by applying machine learning methods for IDS these challenges can be overcome. In this paper, we present the most prominent models for building intrusion detection systems by incorporating machine learning in the MANET scenario. We have structured our survey into four directions of machine learning methods: classification approaches, association rule mining techniques, neural networks and instance based learning approaches. We analyze the most well-known approaches and present notable achievements but also drawbacks or flaws that these methods have. Finally, in concluding our survey we provide some findings of paramount importance identifying open issues in the MANET field of interest.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  • Abdel-Fattah, F., & Dahalin, F. (2010). Dynamic intrusion detection method for mobile ad hoc network using CPDOD algorithm. In IJCA Special Issue on Mobile Ad-hoc Networks MANETs.

  • Abdel-Fattah, F., Dahalin, F., & Jusoh, Sh. (2010). Distributed and cooperative hierarchical intrusion detection on MANETs. International Journal of Computer Applications, 12(5).

  • Anjana-Devi, V., & Bhuvaneswaran, R.S. (2011a). Adaptive association rule mining based on cross layer intrusion detection system for MANET. International Journal of Network Security & Its Applications (IJNSA), 3(510.5121/ijnsa.2011.3519), 243.

  • Anjana-Devi, V., & Bhuvaneswaran, R.S. (2011b). Agent based cross layer intrusion detection system for MANET. In Advances in Network Security and Applications Communications in Computer and Information Science, (Vol. 196 pp. 427–440).

  • Bose, S., Bharathimurugan, S., & Kannan, A. (2007). Multi-layer intergraded anomaly intrusion detection for mobile ad hoc networks. In Proceedings of the IEEE International Conference on Signal Processing Communications and Networking (ICSCN 2007) (pp. 360–365).

  • Cabrera, J.B.D., Gutirrez C., & Mehra, R.K. (2008). Ensemble methods for anomaly detection and distributed intrusion detection in mobile ad hoc networks. Information Fusion, 9, 96–119.

    Article  Google Scholar 

  • Cannady, J. (1998). Artificial neural networks for misuse detection. In Artificial Neural Networks - ICANN: International Conference Vienna.

  • Changguo, Y., Qin, Zh., Jingwei, Zh., Nianzhong, W., Xiaorong, Zh., & Tailei W. (2009). Improvement of association rules mining algorithm in wireless network intrusion detection. In Computational Intelligence and Natural Computing International Conference.

  • Cliftom, C., & Gengo, G. (2000). Developing custom intrusion detection filters using data mining. Military communications International LosAngeles.

  • Deepika, T., Vinchurkar, P., & Reshamwala, A. (2012). A review of intrusion detection system using neural network and machine learning. ISSN: 2319-5967 ISO 9001:2008 (IJESIT), 1(2).

  • Deng, H., Zeng, Q., & Agrawal, D.P. (2003). SVM-based intrusion detection system for wireless ad hoc networks. In Proceedings of the 58thIEEE Vehicular Technology Conference (VTC03), (Vol. 3, pp. 2147–2151).

  • Engen, V. (2010). Machine learning for network based intrusion detection. An investigation into Discrepancies in Findings with the KDD Cup 99 Data Set and Multi-Objective Evolution of Neural Network Classifier Ensembles for Imbalanced Data, Dissertation. Bournemouth University.

  • Fung, C., & Boutaba, R. (2010). Cooperation in Intrusion Detection Networks. Cooperative Networks.

  • Fung, C., & Boutaba, R. (2013). Design and Management of Collaborative Intrusion Detection Networks. Ghent Belgium: IFIP/IEEE Integrated Network Management Symposium (IM).

    Google Scholar 

  • Ghodratnama, S., Moosavi, M., Taheri, M., & Zolghadri, M. (2010). A cost sensitive learning algorithm for intrusion detection. In Proceedings of the 18th Iranian Conference on Electrical Engineering (ICEE), (pp. 559–565).

  • Hanemann, A. (2006). A hybrid rule-based/case-based reasoning approach for service fault Diagnosis. In Proceedings of the 2006 International Symposium on Frontiers in Networking with Applications.

  • Huang, Y., & Lee, W. (2003). A Cooperative Intrusion Detection System for Ad Hoc Networks. In Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks (pp. 135–147).

  • Huang, Y., Lee, W., & Yu, P. (2003). Cross-feature analysis for detecting ad-hoc routing anomalies. In Proceedings of the 23rd International Conference on Distributed Computing Systems (p. 478).

  • Kaur, H., Singh, G., & Minhas, J. (2013). A review of machine learning based anomaly detection techniques. International Journal of Computer Applications Technology and Research, 2(2), 185–187.

    Article  Google Scholar 

  • Lalli, M., & Palanisamy, V. (2014). A novel intrusion detection model for mobile ad-hoc networks using CP-KNN. International Journal of Computer Networks & Communications (IJCNC), 6(5). doi:10.5121/ijcnc.2014.6515_193.

  • Lane, T., & Brodley, C.E. (1999). Temporal sequence learning and data reduction for anomaly detection, ACM Transactions on Information and System Security, 295331.

  • Mabu, S., Chen, C., Lu, N., & Shimada, K. (2011). An intrusion-detection model based on fuzzy class-association-rule mining using genetic network programming. IEEE Transactions on Systems Man and Cybernetics Part C, 41(1), 130–139.

    Article  Google Scholar 

  • Maheshwar, K., & Singh, D. (2013). A review of data mining based intrusion detection techniques. International Journal of Application or Innovation in Engineering & Management (IJAIEM), 2(2), 2319–4847.

    Google Scholar 

  • Mitrokotsa, A., & Kominos, N. (2007). Intrusion detection and response in ad hoc networks. In International Journal of Computer Research.

  • Mitrokotsa, A., Komninos N., & Douligeris, Ch. (2007). Intrusion detection with neural networks and watermarking techniques for MANET. In Proceedings of IEEE International Conference on Pervasive Services (pp. 118–127).

  • Mitrokotsa, A., & Dimitrakakis, C. (2012). Intrusion detection in MANET using classification algorithms: The effects of cost and model selection ad-hoc Networks, Retrieved from doi:10.1016/j.adhoc.2012.05.006.

  • Moradi, Z., Teshnehlab, M., & Rahmani, A. (2011). Implementation of neural networks for intrusion detection in MANET. In International Conference on Emerging Trends in Electrical and Computer Technology (ICETECT).

  • Mukkamala, S., & Sung, A. (2006). Significant feature selection using computational intelligent techniques for intrusion detection. Berlin Heidelber: Springer.

    MATH  Google Scholar 

  • Panos, Ch., Xenakis, Ch., & Stavrakakis, I. (2011). An evaluation of anomaly-based intrusion detection engines for mobile ad hoc networks. Trust Privacy and Security in Digital Business Lecture Notes in Computer Science, 6863, 150–160.

    Article  Google Scholar 

  • Piatetsky-Shapiro, G., & Frawley, J. (1991). Discovery analysis and presentation of strong rules. Knowledge Discovery in Databases AAAI/MIT Press.

  • Ponsam, J., & Srinivasan, J. (2014). Multilayer intrusion detection in MANET. International Journal of Computer Applications, 98(20).

  • Shao, M., Lin, J., & Lee, Y. (2010). Cluster-based cooperative back propagation network approach for intrusion detection in MANET. In IEEE 10th International Conference on Computer an Information Technology (CIT).

  • Shrestha, R., Han, K., Choi, D., & Han, S. (2010). A cross layer intrusion detection system in MANET. In 24th IEEE International Conference on Advanced Information Networking and Applications.

  • Somasundaram, R.M., & Lakshmana, K. (2013). An intrusion detection system for MANET using CRF based Feature Selection and Temporal Association Rules. In International Journal of Soft Computing.

  • Visumathi, J., & Shunmunganathan, K.S. (2012). An effective IDS using feature selection and classification algorithm. In International Conference on Modeling Optimization and computing, Procedia Enginnering (pp. 2816–2823).

  • Zhang, Y., & Lee, W. (2003). A cooperative intrusion detection system for ad-hoc networks. In Proceedings of the 1st ACM Workshop on Security of Ad Hoc and Sensor Networks, SASN03 (p. 135147).

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Lediona Nishani.

Ethics declarations

Conflict of interests

L. Nishani and M. Biba state that there are no conflicts of interest.

Research involving Human Participants and/or Animals

This article does not contain any studies with human or animal subjects.

Informed consent

Informed consent is not required for the information referred in this research.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Nishani, L., Biba, M. Machine learning for intrusion detection in MANET: a state-of-the-art survey. J Intell Inf Syst 46, 391–407 (2016). https://doi.org/10.1007/s10844-015-0387-y

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10844-015-0387-y

Keywords

Navigation