An Analytic Framework for Modeling and Detecting Access Layer Misbehavior in Wireless Networks

The widespread deployment of wireless networks and hot spots that employ the IEEE 802.11 technology has forced network designers to put emphasis on the importance of ensuring efficient and fair use of network resources. In this work we propose a novel framework for detection of intelligent adaptive adversaries in the IEEE 802.11 MAC by addressing the problem of detection of the worst-case scenario attacks. Utilizing the nature of this protocol we employ sequential detection methods for detecting greedy behavior and illustrate their performance for detection of least favorable attacks. By using robust statistics in our problem formulation, we attempt to utilize the precision given by parametric tests, while avoiding the specification of the adversarial distribution. This approach establishes the lowest performance bound of a given Intrusion Detection System (IDS) in terms of detection delay and is applicable in online detection systems where users who pay for their services want to obtain the information about the best and the worst case scenarios and performance bounds of the system. This framework is meaningful for studying misbehavior due to the fact that it does not focus on specific adversarial strategies and therefore is applicable to a wide class of adversarial strategies.

[1]  Stefan Savage,et al.  802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions , 2003, USENIX Security Symposium.

[2]  Venugopal V. Veeravalli,et al.  Multihypothesis sequential probability ratio tests - Part I: Asymptotic optimality , 1999, IEEE Trans. Inf. Theory.

[3]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.

[4]  John S. Baras,et al.  A framework for the evaluation of intrusion detection systems , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[5]  J. Andel Sequential Analysis , 2022, The SAGE Encyclopedia of Research Design.

[6]  Maxim Raya,et al.  DOMINO: a system to detect greedy behavior in IEEE 802.11 hotspots , 2004, MobiSys '04.

[7]  S BarasJohn,et al.  An Analytic Framework for Modeling and Detecting Access Layer Misbehavior in Wireless Networks , 2008 .

[8]  A. Banerjee Convex Analysis and Optimization , 2006 .

[9]  Stefan Axelsson,et al.  The base-rate fallacy and its implications for the difficulty of intrusion detection , 1999, CCS '99.

[10]  Saurabh Ganeriwal,et al.  On selfish behavior in CSMA/CA networks , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[11]  S.A. Kassam,et al.  Robust techniques for signal processing: A survey , 1985, Proceedings of the IEEE.

[12]  A. M. Abdullah,et al.  Wireless lan medium access control (mac) and physical layer (phy) specifications , 1997 .

[13]  Saurabh Ganeriwal,et al.  On Cheating in CSMA/CA Ad Hoc Networks , 2004 .

[14]  John S. Baras,et al.  Detection and prevention of MAC layer misbehavior in ad hoc networks , 2004, SASN '04.

[15]  J. Wolfowitz,et al.  Optimum Character of the Sequential Probability Ratio Test , 1948 .

[16]  Dimitri P. Bertsekas,et al.  Convex Analysis and Optimization , 2003 .

[17]  H. Vincent Poor,et al.  On minimax robustness: A general approach and applications , 1984, IEEE Trans. Inf. Theory.

[18]  Nitin H. Vaidya,et al.  Detection and handling of MAC layer misbehavior in wireless networks , 2003, 2003 International Conference on Dependable Systems and Networks, 2003. Proceedings..

[19]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[20]  Michalis Faloutsos,et al.  Denial of service attacks at the MAC layer in wireless ad hoc networks , 2002, MILCOM 2002. Proceedings.

[21]  John S. Baras,et al.  A framework for MAC protocol misbehavior detection in wireless networks , 2005, WiSe '05.