Distributed active maintenance for intrusion detection structures

Intrusion detection (ID) effectiveness (low latency, low overhead, high accuracy) depends also on the collection of the corresponding data. In this paper we introduce an active maintenance mechanism that is distributed utilizing one hop information. This mechanism focuses on the maintenance of optimally formed tree ID structures, utilized for the collection and processing of ID data. The maintenance is called active, as opposed to the existing passive maintenance mechanisms, which are triggered only when the feasibility (e.g. connectivity) of the ID structures is violated, because continuously the participating nodes monitor their neighborhood characteristics that are related to the ID structures design objectives and take restructuring decisions so that the quality (design objectives) of the ID structures is maintained. We evaluate and present the effectiveness of active maintenance mechanism by implementing it in ARL´s Wireless Emulation Lab (WEL) Testbed and comparing its optimality with respect to the optimality of tree ID structures formed utilizing a previously proposed global optimization mechanism based on simulated annealing (SA).