Skip to Main Content
In this paper we focus on intrusion detection in wireless networks. The intrusion detection community has been concentrating mainly on wired networks. Techniques geared towards wireline networks would not suffice for an environment consisting of multihop wireless links because of the various differences such as lack of fixed infrastructure, mobility, the ease of listening to wireless transmissions, lack of clear separation between normal and abnormal behavior in ad hoc networks. In this paper we consider the signature detection technique and investigate the ability of various routing protocols to facilitate intrusion detection when the attack signatures are completely known. We show that reactive ad-hoc routing protocols suffer from a serious problem due to which it might be difficult to detect intrusions even in the absence of mobility. Mobility makes the problem of detecting intruders harder. We also investigate a relationship between the probability of detecting an intrusion and the number of nodes that must participate in the process of detecting intrusions.