nach oben

Wireless Networks

Erschienen in:

01.11.2010

RADAR: A reputation-driven anomaly detection system for wireless mesh networks

verfasst von: Zonghua Zhang, Pin-Han Ho, Farid Naït-Abdesselam

Erschienen in: Wireless Networks | Ausgabe 8/2010

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

As one of the backup measures of intrusion prevention techniques, intrusion detection plays a paramount role in the second defense line of computer networks. Intrusion detection in wireless mesh networks (WMNs) is especially challenging and requires particular design concerns due to their special infrastructure and communication mode. In this paper, we propose a novel anomaly detection system, termed RADAR, to detect and handle anomalous mesh nodes in wireless mesh networks. Specifically, reputation is introduced to characterize and quantify a node’s behavior in terms of fine-grained performance metrics of interest. The dual-core detection engine of RADAR then explores spatio-temporal property of such behavior to manifest the deviation between that of normal and anomalous nodes. Although the current RADAR prototype is only implemented with routing protocols, the design architecture allows it to be easily extended to cross-layer anomaly detection where anomalous events occur at different layers and can be resulted by either intentional intrusion or accidental network failure. The simulation results demonstrate that RADAR can achieve high detection accuracy, low computational complexity, and low false positive rate.

Vorheriger Artikel Joint relay assignment and power allocation for cooperative communications

Nächster Artikel Demand-driven publish/subscribe in mobile environments

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

The notion of transitive value in WMNs holds true since a node i will have a high opinion of a neighbor which has forwarded most of its packets.

RADAR is an acronym denoting ReputAtion-based system for Detecting Anomalous nodes in wiReless mesh networks.

Akyildiz, I. F., & Wang, X. (2005). Wireless mesh networks: A survey. Computer Networks, 47, 445–487.MATHCrossRef

Baras, J. S., Radosavac, S., et al. (2007). Intrusion detection system resiliency to byzantine attacks: The case study of wormholes in OLSR. In Proceedings of MILCOM2007.

Buchegger, S., & Le Boudec, J.-Y. (2009). Self-policing mobile Ad-Hoc networks by reputation systems. IEEE Communications Magazine, 43(7), 101–107.CrossRef

Buchegger, S., & Le Boudec, J.-Y. (2002). Performance analysis of the CONFIDANT protocol. In Proceedings of 3rd ACM MobiHoc’02 (pp. 226–236). Lausanne, Switzerland, June 2002.

Chartrand, G., Kubicki, G., & Schultz, M. (1998). Graph similarity and distance in graphs. Aequationes Mathematicae, 55(12), 129–145.MATHCrossRefMathSciNet

Du, Q., Emelianenko, M., & Ju, L. (2006). Convergence of the Lloyd algorithm for computing centroidal Voronoi tessellations. SIAM Journal of Numerical Analysis, 44, 102–119.MATHCrossRefMathSciNet

Forrest, S., Hofmeyr, S. A., & Longstaff, T. A. (1996). A sense of self for UNIX processes. In Proceedings of IEEE Symposium on Security and Privacy (S&P’96) (pp. 120–128). Oakland, USA.

Gersho, A., & Gray, R. (1992). Vector quantization and signal compression. Norwell, MA: Kluwer Academic Publisers.MATH

He, Q., Wu, D., & Khosla, P. (2004). SORI: A secure and objective reputation-based incentive scheme for ad hoc networks. In Proceedings of IEEE WCNC’04 (pp. 825–830). Atlanta, USA, Mar.

10.

Hu, Y., Johnson, D., & Maltz, D. (2003). The dynamic source routing protocol for mobile ad hoc networks (dsr). http://www.ietf.org/internet-drafts/draft-ietf-manet-dsr-09.txt, Apr. 2003.

11.

Huang, Y., & Lee, W. (2003). A cooperative intrusion detection system for ad hoc networks. In Proceedings of the ACM Workshop On Security in Ad Hoc and Sensor Networks, Fairfax, Virginia, Oct., 2003.

12.

Marti, S., Giuli, T. J., Lai, K., & Baker, M. (2000). Mitigating routing misbehavior in mobile ad hoc networks. In Proceedings of 6th ACM MobiCom’00. (pp. 255–265). Boston, USA, Aug., 2000.

13.

Marti, S., & Molina, H. G. (2006). Taxonomy of trust: Categorizing P2P reputation systems. Computer Networks, 50, 472–484.MATHCrossRef

14.

McHugh, J. (2001). Intrusion and intrusion detection. IInternational Journal of Information Security, 1(1), 14–35.MATH

15.

Michiardi, P., & Molva, R. (2002). CORE: A collaborative reputation mechanism to enforce node cooperation in mobile ad hoc networks. In Proceedings of the 6th IFIP Conference on Security Communications, and Multimedia (pp. 107–121). Portoroz, Slovenia, Sept., 2002.

16.

Mishra, A., Nadkarni, K., & Patcha, A. (2004). Intrusion detection in wireless ad hoc networks. IEEE Wireless Communications, 11, 48–60.

17.

Salem, B., & Hubaux, J.-P. (2006) Securing wireless mesh networks. IEEE Magaine on communication, pp. 50–55, Apr., 2006.

18.

So, J., & Vaidya, N. (2004) Multi-channel MAC for ad hoc networks: Handling multi-channel hidden terminals using a single transceiver. In Proceedings of the 5th ACM MobiHoc’04 (pp. 222–233). May, 2004.

19.

Sundaresan, K. Sivakumar, R., Ingram, M. A. & Chang, T.-Y. (2004). A fair medium access control protocol for ad hoc networks with MIMO links. In Proceedings of INFOCOM (pp. 2559–2570). Mar., 2004.

20.

Tan, K. M. C., & Maxion, R. A. (2002). Why 6? Defining the operational limits of stide, an anomaly-based intrusion detector. In Proceedings of the 2002 IEEE Symposium on Security and Privacy (S&P’02), May, 2002.

21.

Tseng, C. H., Wang, S. -H., Ko, C. & Levitt, K. (2006). DEMEM: Distributed evidence-driven message exchange intrusion detection model for MANET. In Proceedings of the 9th International Symposium on Recent Advances in Intrusion Detection (RAID 2006) (pp. 249–271). Sept., 2006.

22.

Kamvar, S. D., Schlosser, M. T., & Molina, H. G. (2003). The EigenTrust algorithm for reputation management in P2P Networks. In Proceedings of the 12th International conference on World Wide Web (WWW’03). May, 2003.

23.

Kodialam, M., & Nandagopal, T. (2005). Characterizing the capacity region in multi-radio multi-channel wireless mesh networks. In Proceedings of the 11th ACM MobiCom (pp. 73–87). Aug., 2005.

24.

The Qualnet simulator from Scalable Networks Inc. http://www.scalable-networks.com

25.

Qiu, L. Bahl, P., Rao, A., & Zhou, L. (2006). Troubleshooting wireless mesh networks. ACM SIGCOMM Computer Communication Review, 36(5), 17–28.CrossRef

26.

Zhang, Y., Lee, W., & Huang, Y. (2003). Intrusion detection techniques for mobile wireless networks. ACM Wireless Networks Journal, 9(5), 545–556.CrossRef

27.

Zhang, Z., Shen, H., & Sang, Y. (2007). An observation-centric analysis on the modeling of anomaly-based intrusion detection. International Journal of Network Security, 4(3), 292–305

28.

Zhang, Z., Ho, P-.H., & Naït-Abdesselam, F. (2009). On achieving cost-sensitive anomaly detection and response in mobile Ad Hoc networks, In Proceedings of IEEE International Conference on Communications (ICC’09), June 2009.

29.

Zhou, L., & Hass, Z. (1999). Securing ad hoc networks. IEEE Network Magazine Special issue on network security, 13(6), 24–30.

30.

Zouridaki, C., Mark, B. L., Hejmo, M., & Thomas R. K. (2007). Hermes a quantitative trust establishment framework for reliable data packet delivery in MANETs. Journal of Computer Security, 15(1), 3–38.

Titel: RADAR: A reputation-driven anomaly detection system for wireless mesh networks
verfasst von: Zonghua Zhang
Pin-Han Ho
Farid Naït-Abdesselam
Publikationsdatum: 01.11.2010
Verlag: Springer US
Erschienen in: Wireless Networks / Ausgabe 8/2010
Print ISSN: 1022-0038
Elektronische ISSN: 1572-8196
DOI: https://doi.org/10.1007/s11276-010-0255-1

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Nachhaltigkeitsaward Key Visual/© Cometis AG/Global ESG Monitor | Daniel Rupp | Generiert mit KI, Search Icon, Banner Hanser, Beijing Auto Show 2024: Deutsche Hersteller wollen angreifen./© EKH-Pictures / Generated with AI / Stock.adobe.com, Buchstaben, die aus einem Megaphon kommen/© MicroStockHub/Getty Images/iStock, Digitale Lieferkette/© zapp2photo / stock.adobe.com, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Sustainibility Finance/© Robert Kneschke / stock.adobe.com / Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 8/2010

Routing for disruption tolerant networks: taxonomy and design

Joint relay assignment and power allocation for cooperative communications

Mobile hosts participating in peer-to-peer data networks: challenges and solutions

Rate matching: a new approach to hidden terminal problem in ad hoc networks

A scalable dual-radio wireless testbed for emulating mesh networks

Analytical expressions for blocking and dropping probabilities for mobile streaming users in wireless cellular networks

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.