Skip to Main Content
Without a fixed security infrastructure, mobile ad hoc networks must distribute intrusion detection among their nodes. But even though a distributed intrusion-detection system can combine data from multiple nodes to estimate the likelihood of an intrusion, the observing nodes-might not be reliable. The Dempster-Shafer theory of evidence is well suited for this type of problem because it reflects uncertainty. Moreover, Dempster's rule for combination gives a numerical procedure, for fusing together multiple pieces of evidence from unreliable observers. The authors review the Dempster-Shafer theory in the context of distributed intrusion detection and demonstrate the theory's usefulness.