Forensic Analysis of Packet Losses in Wireless Networks

Due to the lossy nature of wireless links, it is difficult to determine if packet losses are due to wireless-induced effects or from malicious discarding. Many prior efforts on detecting malicious packet drops rely on evidence collected via passive monitoring by neighbor nodes. However, they do not analyze the cause of packet losses. In this paper, we ask: 1) Given certain macroscopic parameters of the network (like traffic intensity and node density) what is the likelihood that evidence exists with respect to a transmission? 2) How can these parameters be used to perform a forensic analysis of the reason for the losses? Toward answering the above questions, we first build an analytical framework that computes the likelihood that evidence (we call this transmission evidence, or TE for short) exists with respect to transmissions, in terms of a set of network parameters. We validate our analytical framework via both simulations as well as real-world experiments on two different wireless testbeds. The analytical framework is then used as a basis for a protocol within a forensic analyzer to assess the cause of packet losses and determine the likelihood of forwarding misbehaviors. Through simulations, we find that our assessments are close to the ground truth in all examined cases, with an average deviation of 2.3% from the ground truth and a worst case deviation of 15.0%.

[1]  Bruno O. Shubert,et al.  Random variables and stochastic processes , 1979 .

[2]  Jim Kurose,et al.  Witness-Based Detection of Forwarding Misbehaviors in Wireless Networks , 2010, 2010 Fifth IEEE Workshop on Wireless Mesh Networks.

[3]  J. Nelson,et al.  Monitoring & Forensic Analysis forWireless Networks , 2006, International Conference on Internet Surveillance and Protection (ICISP’06).

[4]  Stephen S. Yau,et al.  An Adaptive Approach to Optimizing Tradeoff Between Service Performance and Security in Service-Based Systems , 2011, Int. J. Web Serv. Res..

[5]  Jeremiah F. Hayes,et al.  Modeling and Analysis of Telecommunication Networks , 2004 .

[6]  Paramvir Bahl,et al.  Architecture and techniques for diagnosing faults in IEEE 802.11 infrastructure networks , 2004, MobiCom '04.

[7]  Ratul Mahajan,et al.  Analyzing the MAC-level behavior of wireless networks in the wild , 2006, SIGCOMM.

[8]  Kevin C. Almeroth,et al.  DAMON: a distributed architecture for monitoring multi-hop mobile networks , 2004, 2004 First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2004. IEEE SECON 2004..

[9]  Paramvir Bahl,et al.  Troubleshooting wireless mesh networks , 2006, CCRV.

[10]  Robert Tappan Morris,et al.  a high-throughput path metric for multi-hop wireless routing , 2003, MobiCom '03.

[11]  Theodore S. Rappaport,et al.  Wireless communications - principles and practice , 1996 .

[12]  Moustafa Youssef,et al.  A framework for wireless LAN monitoring and its applications , 2004, WiSe '04.

[13]  Theodore S. Rappaport,et al.  Wireless Communications: Principles and Practice (2nd Edition) by , 2012 .

[14]  Soung Chang Liew,et al.  Experimental Study of Hidden-node Problem in IEEE 802 . 11 Wireless Networks * , 2005 .

[15]  I. Miller Probability, Random Variables, and Stochastic Processes , 1966 .

[16]  Yin Zhang,et al.  A general model of wireless interference , 2007, MobiCom '07.

[17]  Jeremiah F. Hayes,et al.  Modeling and Analysis of Telecommunications Networks , 2004 .

[18]  Ratul Mahajan,et al.  Measurement-based models of delivery and interference in static wireless networks , 2006, SIGCOMM.

[19]  Athanasios Papoulis,et al.  Probability, Random Variables and Stochastic Processes , 1965 .

[20]  Jitendra Padhye,et al.  Routing in multi-radio, multi-hop wireless mesh networks , 2004, MobiCom '04.

[21]  Stefan Savage,et al.  Jigsaw: solving the puzzle of enterprise 802.11 analysis , 2006, SIGCOMM.

[22]  Vaduvur Bharghavan,et al.  Robust rate adaptation for 802.11 wireless networks , 2006, MobiCom '06.

[23]  Minghua Chen,et al.  Capacity of Large-Scale CSMA Wireless Networks , 2009, IEEE/ACM Transactions on Networking.

[24]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[25]  Dimitri P. Bertsekas,et al.  Data Networks , 1986 .