ABSTRACT

In Wireless mobile Ad Hoc Networks (MANET) every node functions as transmitter, router and data sink is network without infrastructure. Detecting malicious nodes in an open ad-hoc network in which participating nodes have no previous security associations presents a number of challenges not faced by traditional wired networks. Traffic monitoring in wired networks is usually performed at switches, routers and gateways, but an ad-hoc network does not have these types of network elements where the Intrusion Detection System (IDS) can collect and analyse audit data for the entire network. A number of neighbour-monitoring, trust-building, and cluster-based voting schemes have been proposed in the research to enable the detection and reporting of malicious activity in ad-hoc networks. The resources consumed by ad-hoc network member nodes to monitor, detect, report, and diagnose malicious activity, however, may be greater than simply rerouting packets through a different available path. In this paper we are trying to protect our network from distributed denial of service attack (DDOS), In this paper we present method for determining intrusion or misbehave in MANET using intrusion detection system and protect the network from distributed denial of service (DDOS) and analysis the result on the bases of actual TCP flow monitoring, routing load ,packet delivery ratio and average end-to-end delay in normal , DDOS attack and IDS time .