{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,2]],"date-time":"2025-08-02T18:19:41Z","timestamp":1754158781305,"version":"3.41.2"},"reference-count":28,"publisher":"Emerald","issue":"4","license":[{"start":{"date-parts":[[2016,10,10]],"date-time":"2016-10-10T00:00:00Z","timestamp":1476057600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["ICS"],"published-print":{"date-parts":[[2016,10,10]]},"abstract":"<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Purpose<\/jats:title>\n<jats:p>Wireless multi-hop <jats:italic>ad hoc<\/jats:italic> networks are becoming very attractive and widely deployed in many kinds of communication and networking applications. However, distributed and collaborative routing in such networks makes them vulnerable to various security attacks. This paper aims to design and implement a new efficient intrusion detection and prevention framework, called EIDPF, a host-based framework suitable for mobile <jats:italic>ad hoc<\/jats:italic> network\u2019s characteristics such as high node\u2019s mobility, resource-constraints and rapid topology change. EIDPF aims to protect an AODV-based network against routing attacks that could target such network.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Design\/methodology\/approach<\/jats:title>\n<jats:p>This detection and prevention framework is composed of three complementary modules: a specification-based intrusion detection system to detect attacks violating the protocol specification, a load balancer to prevent fast-forwarding attacks such as wormhole and rushing and adaptive response mechanism to isolate malicious node from the network.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Findings<\/jats:title>\n<jats:p>A key advantage of the proposed framework is its capacity to efficiently avoid fast-forwarding attacks and its real-time detection of both known and unknown attacks violating specification. The simulation results show that EIDPF exhibits a high detection rate, low false positive rate and no extra communication overhead compared to other protection mechanisms.<\/jats:p>\n<\/jats:sec>\n<jats:sec>\n<jats:title content-type=\"abstract-subheading\">Originality\/value<\/jats:title>\n<jats:p>It is a new intrusion detection and prevention framework to protect <jats:italic>ad hoc<\/jats:italic> network against routing attacks. A key strength of the proposed framework is its ability to guarantee a real-time detection of known and unknown attacks that violate the protocol specification, and avoiding wormhole and rushing attacks by providing a load balancing route discovery.<\/jats:p>\n<\/jats:sec>","DOI":"10.1108\/ics-08-2015-0034","type":"journal-article","created":{"date-parts":[[2016,10,19]],"date-time":"2016-10-19T09:36:10Z","timestamp":1476869770000},"page":"298-325","source":"Crossref","is-referenced-by-count":3,"title":["An efficient intrusion detection and prevention framework for <i>ad hoc<\/i> networks"],"prefix":"10.1108","volume":"24","author":[{"given":"Abdelaziz","family":"Amara Korba","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mehdi","family":"Nafaa","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Salim","family":"Ghanemi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"140","reference":[{"first-page":"697","article-title":"Log-based intrusion detection for MANET","year":"2012","key":"key2020121201240893000_ref001"},{"issue":"1","key":"key2020121201240893000_ref002","first-page":"25","article-title":"BeeID: intrusion detection inAODV-based MANETs using artificial bee colony and negative selection algorithms","volume":"4","year":"2012","journal-title":"The ISC International Journal of Information Security"},{"volume-title":"Security in Wireless Ad Hoc and Sensor Networks","year":"2008","key":"key2020121201240893000_ref003"},{"first-page":"3626","volume-title":"Optimized Link stat E Routing Protocol (OLSR)","year":"2003","key":"key2020121201240893000_ref004"},{"key":"key2020121201240893000_ref005","first-page":"294","article-title":"Modelling and analysis of attacks on the MANET routing in AODV","volume-title":"5th international conference on Ad-Hoc, Mobile, and Wireless Networks (ADHOC-NOW\u201906","author":"Springer-Verlag","year":"2006"},{"issue":"8","key":"key2020121201240893000_ref006","first-page":"181","article-title":"Detection and accusation of packet forwarding misbehaviour in mobile ad hoc networks","volume":"2","year":"2008","journal-title":"Journal of Internet Engineering"},{"first-page":"121","article-title":"Evaluation of a specification-based intrusion detection system for AODV","year":"2007","key":"key2020121201240893000_ref007"},{"key":"key2020121201240893000_ref008","first-page":"33","article-title":"Securing the AODV protocol using specification-based intrusion detection","volume-title":"The 2nd ACM International Workshop on Quality of Service & Security for Wireless and Mobile Networks","year":"2006"},{"key":"key2020121201240893000_ref009","first-page":"125","article-title":"Attack analysis and detection for ad hoc routing protocols","volume-title":"Recent Advances in Intrusion Detection","year":"2004"},{"issue":"2","key":"key2020121201240893000_ref010","first-page":"61","article-title":"A neural network scheme for anomaly based intrusion detection systems in mobile ad hoc networks","volume":"4","year":"2012","journal-title":"Journal of Computing"},{"first-page":"1","article-title":"Combat with black hole attack in AODV routing protocol in MANETs","year":"2009","key":"key2020121201240893000_ref011"},{"issue":"1","key":"key2020121201240893000_ref012","doi-asserted-by":"crossref","first-page":"226","DOI":"10.1016\/j.adhoc.2012.05.006","article-title":"Intrusion detection in MANET using classification algorithms: the effects of cost and model selection","volume":"11","year":"2013","journal-title":"Ad Hoc Networks"},{"issue":"4","key":"key2020121201240893000_ref013","doi-asserted-by":"crossref","first-page":"1249","DOI":"10.1016\/j.jnca.2012.01.019","article-title":"Security threats and solutions in MANETs: a case study using AODV and SAODV","volume":"35","year":"2012","journal-title":"Journal of Network and Computer Applications"},{"issue":"4","key":"key2020121201240893000_ref014","doi-asserted-by":"crossref","first-page":"2047","DOI":"10.1007\/s11235-011-9484-6","article-title":"Protection of MANETs from a range of attacks using an intrusion detection and prevention system","volume":"52","year":"2013","journal-title":"Telecommunication Systems"},{"issue":"4","key":"key2020121201240893000_ref015","doi-asserted-by":"crossref","first-page":"2027","DOI":"10.1109\/SURV.2013.030713.00201","article-title":"A survey of MANET intrusion detection & prevention approaches for network layer attacks","volume":"15","year":"2013","journal-title":"IEEE Communications Surveys & Tutorials"},{"issue":"0","key":"key2020121201240893000_ref016","first-page":"368","article-title":"An intrusion detection & adaptive response mechanism for MANETs","volume":"13","year":"2014","journal-title":"Ad Hoc Networks"},{"issue":"3","key":"key2020121201240893000_ref017","first-page":"795","article-title":"How to misuse AODV: a case study of insider attacks against mobile ad-hoc routing protocols","volume":"6","year":"2005","journal-title":"Ad Hoc Networks"},{"first-page":"1","article-title":"A novel intrusion detection system for MANETs","year":"2010","key":"key2020121201240893000_ref018"},{"key":"key2020121201240893000_ref019","doi-asserted-by":"crossref","first-page":"67","DOI":"10.1016\/j.comcom.2014.08.002","article-title":"A specification-based intrusion detection engine for infrastructure-less networks","volume":"54","year":"2014","journal-title":"Computer Communications"},{"year":"2003","key":"key2020121201240893000_ref020","article-title":"Ad hoc On-demand Distance Vector (AODV)"},{"issue":"12","key":"key2020121201240893000_ref021","first-page":"21","article-title":"Attack trees - modeling security threats","volume":"24","year":"1999","journal-title":"Dr\u201d, Dobb\u2019s Journal"},{"key":"key2020121201240893000_ref022","unstructured":"Sen, S. (2010), \u201cEvolutionary computation techniques for intrusion detection in mobile ad hoc networks\u201d, Doctoral dissertation, University of York."},{"issue":"3","key":"key2020121201240893000_ref023","doi-asserted-by":"crossref","first-page":"1089","DOI":"10.1109\/TIE.2012.2196010","article-title":"EAACK \u2013 A secure intrusion-detection system for MANETs","volume":"60","year":"2013","journal-title":"Industrial Electronics, IEEE Transactions"},{"issue":"2","key":"key2020121201240893000_ref024","doi-asserted-by":"crossref","first-page":"208","DOI":"10.1016\/j.cose.2009.09.005","article-title":"WARP A wormhole-avoidance routing protocol by anomaly detection in mobile ad hoc networks","volume":"29","year":"2010","journal-title":"Computers & Security"},{"issue":"1","key":"key2020121201240893000_ref025","doi-asserted-by":"crossref","first-page":"107","DOI":"10.1016\/j.comcom.2010.08.007","article-title":"Prevention of selective black hole attacks on mobile ad hoc networks through intrusion detection systems","volume":"34","year":"2011","journal-title":"Computer Communications"},{"key":"key2020121201240893000_ref026","unstructured":"The network simulator (2016), ns2., available at: www.isi.edu\/nsnam\/ns\/"},{"key":"key2020121201240893000_ref027","first-page":"125","article-title":"A specification based intrusion detection for AODV","volume-title":"ACM Workshop on Security of Ad Hoc and Sensor Networks","year":"2003"},{"key":"key2020121201240893000_ref028","first-page":"1","article-title":"Proposal of a method to detect black hole attack in MANETs","volume-title":"Proceeding IEEE International Symposium on Autonomous Decentralized System ISADS","year":"2009"}],"container-title":["Information &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/ICS-08-2015-0034","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-08-2015-0034\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/ICS-08-2015-0034\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T01:23:06Z","timestamp":1753406586000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/24\/4\/298-325\/107848"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,10,10]]},"references-count":28,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2016,10,10]]}},"alternative-id":["10.1108\/ICS-08-2015-0034"],"URL":"https:\/\/doi.org\/10.1108\/ics-08-2015-0034","relation":{},"ISSN":["2056-4961"],"issn-type":[{"type":"print","value":"2056-4961"}],"subject":[],"published":{"date-parts":[[2016,10,10]]}}}