Uma arquitetura de sistemas de detecção de intrusão em redes ad hoc sem fios usando esteganografia e mecanismos de reputação

Abstract

This work presents an architecture for a Intrusion Detection System (IDS) in wireless ad hoc networks using reputation mechanisms and steganography for IDS alert exchange. This solution eliminates the requirement of a safe communication channel between nodes, where the use of cryptography becomes expensive in regards to scarce processing and energy, in addition to the need for a public key infrastructure. Steganography is used to carry messages in IDMEF (intrusion Detection Message Exchange Format) standard exchanged between the IDSs. The reputation mechanisms are used to classify the messages exchanged the IDSs forming a local opinion on one determined evidence of global invasion. This work also presents the results on the identification of formats and frequency of alerts that are sent by the architecture and the size and the format of images that can serve as stego-image for the IDS. Furthermore, this work notes the possible use of traffic actual images of a network as a means of transporting the alerts and exposes the study of energy comsuption of the proposed architecture, making a comparison with one architecture for public key infrastructure in ad hoc networks.