Practical Intrusion Detection in Resource Constrained Wireless Mesh Networks

As interest in wireless mesh networks grows, security challenges, e.g., intrusion detection, become of paramount importance. Traditional solutions for intrusion detection assign full IDS responsibilities to a few selected nodes. Recent results, however, have shown that a mesh router cannot reliably perform full IDS functions because of limited resources (i.e., processing and memory). Cooperative IDS solutions, targeting resource constrained wireless networks impose high communication overhead and detection latency. To address these challenges, we propose a non-cooperative real-time intrusion detection scheme that optimally distributes IDS functions to nodes along traffic paths, such that intrusion detection rate is maximized, while resource consumption is below a given threshold. We formulate the optimal IDS function distribution as an integer linear program and propose algorithms for solving it accurately and fast (i.e., practical). We evaluate the performance of our proposed solution in a real-world, department-wide, mesh network.

[1]  Gertjan van Stam,et al.  A Rural Implementation of a 52 Node Mixed Wireless Mesh Network in Macha, Zambia , 2009, AFRICOM.

[2]  T. Anjali,et al.  A game theoretic approach to gray hole attacks in Wireless Mesh Networks , 2008, MILCOM 2008 - 2008 IEEE Military Communications Conference.

[3]  Antonio Capone,et al.  A framework for detecting selfish misbehavior in wireless mesh community networks , 2009, Q2SWinet '09.

[4]  Jan Bauer,et al.  Poster: Deploying a mesh-based command and control sensing system in a disaster area maneuver , 2011, SenSys.

[5]  Y. Li,et al.  A Wireless Sensor , AdHoc and Delay Tolerant Network System for Disaster Response , 2011 .

[6]  Jingsha He,et al.  A Distributed Intrusion Detection Scheme for Wireless Sensor Networks , 2008, 2008 The 28th International Conference on Distributed Computing Systems Workshops.

[7]  Claudiu Danilov,et al.  The SMesh wireless mesh network , 2008, TOCS.

[8]  Paramvir Bahl,et al.  Feasibility study of mesh networks for all-wireless offices , 2006, MobiSys '06.

[9]  Vallipuram Muthukkumarasamy,et al.  Securing Wireless Mesh Networks , 2008, IEEE Internet Computing.

[10]  Vyas Sekar,et al.  Network-wide deployment of intrusion detection and prevention systems , 2010, CoNEXT.

[11]  Karl N. Levitt,et al.  A general cooperative intrusion detection architecture for MANETs , 2005, Third IEEE International Workshop on Information Assurance (IWIA'05).

[12]  Wenke Lee,et al.  A cooperative intrusion detection system for ad hoc networks , 2003, SASN '03.

[13]  Felix C. Freiling,et al.  Cooperative Intrusion Detection in Wireless Sensor Networks , 2009, EWSN.

[14]  Basem Shihada,et al.  Energy Efficient Monitoring for Intrusion Detection in Battery-Powered Wireless Mesh Networks , 2011, ADHOC-NOW.

[15]  Peng Ning,et al.  MrFair: Misbehavior-resistant fair scheduling in wireless mesh networks , 2012, Ad Hoc Networks.

[16]  Bernhard Walke,et al.  IEEE 802.11s: The WLAN Mesh Standard , 2010, IEEE Wireless Communications.

[17]  Vern Paxson,et al.  Bro: a system for detecting network intruders in real-time , 1998, Comput. Networks.

[18]  David Hutchison,et al.  Intrusion detection systems for community wireless mesh networks , 2008, 2008 5th IEEE International Conference on Mobile Ad Hoc and Sensor Systems.

[19]  Guohong Cao,et al.  Distributed Monitoring and Aggregation in Wireless Sensor Networks , 2010, 2010 Proceedings IEEE INFOCOM.

[20]  Muhammad Shoaib Siddiqui,et al.  Security Issues in Wireless Mesh Networks , 2007, 2007 International Conference on Multimedia and Ubiquitous Engineering (MUE'07).

[21]  Paul Gardner-Stephen,et al.  The Village Telco project: a reliable and practical wireless mesh telephony infrastructure , 2011, EURASIP J. Wirel. Commun. Netw..

[22]  Saurabh Bagchi,et al.  Optimal monitoring in multi-channel multi-radio wireless mesh networks , 2009, MobiHoc '09.

[23]  Radu Stoleru,et al.  Towards Optimal Monitoring in Cooperative IDS for Resource Constrained Wireless Networks , 2011, 2011 Proceedings of 20th International Conference on Computer Communications and Networks (ICCCN).

[24]  Saswati Sarkar,et al.  A framework for misuse detection in ad hoc Networks-part I , 2006, IEEE Journal on Selected Areas in Communications.

[25]  David Hutchison,et al.  OpenLIDS: a lightweight intrusion detection system for wireless mesh networks , 2009, MobiCom '09.

[26]  Ratan K. Guha,et al.  Effective intrusion detection using multiple sensors in wireless ad hoc networks , 2003, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the.

[27]  Vallipuram Muthukkumarasamy,et al.  Detecting Man-in-the-Middle and Wormhole Attacks in Wireless Mesh Networks , 2009, 2009 International Conference on Advanced Information Networking and Applications.