Flow-net methodology for accountability in wireless networks

Accountability implies that any entity should be held responsible for its own specific action or behavior so that the entity is part of larger chains of accountability. One of the goals of accountability is that once an event has transpired, the events that took place are traceable so that the causes can be determined afterward. The poor accountability provided by today's computers and networks wastes a great deal of money and effort; examples include activities to identify whether a system is under reconnaissance or attack, and the difficulties of distinguishing legitimate emails from phishing attacks. This is due to the simple fact that today's computing and network infrastructure was not built with accountability in mind. In this article we propose a novel methodology called flow-net for accountability. We apply this methodology to media access control and routing layers in wireless networks. We then compare the performance of flow-net with audit log files. This article presents a novel approach for traffic data collection that can also be used for forensics and intrusion detection purposes.

[1]  Deirdre K. Mulligan,et al.  Implementing Copyright Limitations in Rights Expression Languages , 2002, Digital Rights Management Workshop.

[2]  Renato J. O. Figueiredo,et al.  Fine-grain access control for securing shared resources in computational grids , 2002, Proceedings 16th International Parallel and Distributed Processing Symposium.

[3]  Yang Xiao Accountability for wireless LANs, ad hoc networks, and wireless mesh networks , 2008, IEEE Communications Magazine.

[4]  Geoffrey Smith,et al.  Secure information flow in a multi-threaded imperative language , 1998, POPL '98.

[5]  J. Morse,et al.  Verification Strategies for Establishing Reliability and Validity in Qualitative Research , 2002 .

[6]  Pamela Samuelson,et al.  DRM {and, or, vs.} the law , 2003, CACM.

[7]  Victor C. M. Leung,et al.  Enhancing security using mobility-based anomaly detection in cellular mobile networks , 2004, IEEE Transactions on Vehicular Technology.

[8]  Arnold L. Rosenberg Accountable Web-computing , 2002, Proceedings 16th International Parallel and Distributed Processing Symposium.

[9]  Rajashekar Kailar,et al.  Accountability in Electronic Commerce Protocols , 1996, IEEE Trans. Software Eng..

[10]  Supakorn Kungpisdan,et al.  Practical Reasoning about Accountability in Electronic Commerce Protocols , 2001, ICISC.

[11]  Andrew W. Appel,et al.  SAFKASI: a security mechanism for language-based systems , 2000, TSEM.

[12]  Paul Helman,et al.  Statistical Foundations of Audit Trail Analysis for the Detection of Computer Misuse , 1993, IEEE Trans. Software Eng..

[13]  Pamela Samuelson Digital Rights Management {and, or, vs.} the Law , 2003 .

[14]  Daisuke Takahashi,et al.  Retrieving knowledge from auditing log-files for computer and network forensics and accountability , 2008, Secur. Commun. Networks.

[15]  Yang Xiao,et al.  Building a wireless capturing tool for WiFi , 2009, Secur. Commun. Networks.