A Distributed and Collaborative Intrusion Detection Architecture for Wireless Mesh Networks

Wireless Mesh Network (WMN) is an emerging heterogeneous network architecture that is growing in importance among traditional wireless communication systems as a cost-effective way of providing Internet services. However, WMNs are particularly vulnerable to malicious nodes given their inherent attributes such as decentralized infrastructure and high dependence of node cooperation. We then propose a distributed and Collaborative Intrusion Detection System (CIDS) architecture for detecting insider attacks at real-time, which comprises: i) a Routing Protocol Analyzer (RPA) to analyze the collected routing traffic and generate respective Routing Events; ii) a Distributed Intrusion Detection Engine (DIDE) that treats the Routing Events by applying Routing Constraints and calculate related Misbehaving Metrics; iii) a Cooperative Consensus Mechanism (CCM) to check the Misbehaving Metrics using a proposed threshold scheme and to track down the source of intrusion. The entire CIDS solution is implemented in a virtualized mesh network platform. The experimental results show the proposed CIDS architecture efficiently detects message fabrication attacks with good precision and low resource consumption.

[1]  Wenke Lee,et al.  Attack Analysis and Detection for Ad Hoc Routing Protocols , 2004, RAID.

[2]  Akshai Aggarwal,et al.  A key management and secure routing integrated framework for Mobile Ad-hoc Networks , 2013, Ad Hoc Networks.

[3]  Hassan Artail,et al.  A cluster-based trust-aware routing protocol for mobile ad hoc networks , 2010, Wirel. Networks.

[4]  David de Andrés,et al.  Towards benchmarking routing protocols in wireless mesh networks , 2011, Ad Hoc Networks.

[5]  Ana R. Cavalli,et al.  A distributed intrusion detection scheme for wireless ad hoc networks , 2012, SAC '12.

[6]  Manel Guerrero Zapata Secure ad hoc on-demand distance vector routing , 2002, MOCO.

[7]  Elizabeth M. Belding-Royer,et al.  A secure routing protocol for ad hoc networks , 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings..

[8]  Mohamed Nassim Seghir,et al.  A Lightweight Approach for Loop Summarization , 2011, ATVA.

[9]  Ana Cavalli,et al.  An Event-Based Packet Dropping Detection Scheme for Wireless Mesh Networks , 2012, CSS.

[10]  Ana R. Cavalli,et al.  Route Manipulation Attack in Wireless Mesh Networks , 2011, 2011 IEEE International Conference on Advanced Information Networking and Applications.

[11]  Ana R. Cavalli,et al.  An EFSM-Based Intrusion Detection System for Ad Hoc Networks , 2005, ATVA.

[12]  Karl N. Levitt,et al.  A specification-based intrusion detection system for AODV , 2003, SASN '03.

[13]  Songwu Lu,et al.  SCAN: self-organized network-layer security in mobile ad hoc networks , 2006, IEEE Journal on Selected Areas in Communications.

[14]  T. Hartnett Consensus-Oriented Decision-Making: The CODM Model for Facilitating Groups to Widespread Agreement , 2011 .

[15]  Axel Neumann,et al.  Better Approach To Mobile Ad-hoc Networking (B.A.T.M.A.N.) , 2008 .

[16]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[17]  Sahin Albayrak,et al.  Monitoring Smartphones for Anomaly Detection , 2008, Mob. Networks Appl..

[18]  Yih-Chun Hu,et al.  SEAR: a secure efficient ad hoc on demand routing protocol for wireless networks , 2008, ASIACCS '08.

[19]  Mieso K. Denko,et al.  A hierarchical architecture for detecting selfish behaviour in community wireless mesh networks , 2011, Comput. Commun..

[20]  Christos Douligeris,et al.  LIDF: Layered intrusion detection framework for ad-hoc networks , 2009, Ad Hoc Networks.

[21]  Wenke Lee,et al.  Intrusion Detection Techniques for Mobile Wireless Networks , 2003, Wirel. Networks.

[22]  Vern Paxson,et al.  Bro: a system for detecting network intruders in real-time , 1998, Comput. Networks.

[23]  Ana R. Cavalli,et al.  Detection of Attacks in Wireless Mesh Networks , 2011, 2011 5th Latin-American Symposium on Dependable Computing.

[24]  Muhammad Shoaib Siddiqui,et al.  Security Issues in Wireless Mesh Networks , 2007, 2007 International Conference on Multimedia and Ubiquitous Engineering (MUE'07).

[25]  Guojun Wang Cyberspace Safety and Security: 5th International Symposium, CSS 2013, Zhangjiajie, China, November 13-15, 2013, Proceedings , 2013, Lecture Notes in Computer Science.

[26]  Ian F. Akyildiz,et al.  Wireless mesh networks: a survey , 2005, Comput. Networks.

[27]  Maria Papadaki,et al.  Evaluation of anomaly-based IDS for mobile devices using machine learning classifiers , 2012, Secur. Commun. Networks.

[28]  M. Abolhasan,et al.  Real-world performance of current proactive multi-hop mesh protocols , 2009, 2009 15th Asia-Pacific Conference on Communications.

[29]  Gregorio Martínez Pérez,et al.  Intrusion detection using a linguistic hedged fuzzy-XCS classifier system , 2008, Soft Comput..

[30]  Xinheng Wang Wireless mesh networks , 2008, Journal of telemedicine and telecare.

[31]  Hao Guan,et al.  Future Mobile Communication Networks: Challenges in the Design and Operation , 2012, IEEE Vehicular Technology Magazine.

[32]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2005, Wirel. Networks.