关键词: Ad hoc网络，入侵检测系统，异常检测，隐半马尔可夫模型

Abstract: Mobile Ad hoc Networks arc very vulnerable to malicious attacks due to the nature of mobile computing environment such as wireless communication channels, limited power and bandwidth, dynamically changing and distributed network topology,etc. The general existing Intrusion Detection Systems (IDS) have provided little evidence that they are applicable to a broader range threats. Based on the generalized and cooperative intrusion detection architecture proposed as the foundation for all intrusion detection, we presented an anomaly detection mechanism to discriminate the illegitimate network behaviors of mobile nodes. 13y collecting the observation sequences of multiple protocol layers, Hidden semi-Markov Model (HSMM) was explored to describe the network behaviors of legitimate nodes and to implement the anomaly detection for various malicious attacks. We conducted extensive experiments using the ns-2 simulation environment to evaluate and validate our research.

Key words: Mobile ad hoc network, IDS, Anomaly detection, HSMM