Improving security in WMNs with reputation systems and self-organizing maps

One of the most important problems of WMNs, that is even preventing them from being used in many sensitive applications, is the lack of security. To ensure security of WMNs, two strategies need to be adopted: embedding security mechanisms into the network protocols, and developing efficient intrusion detection and reaction systems. To date, many secure protocols have been proposed, but their role of defending attacks is very limited. We present a framework for intrusion detection in WMNs that is orthogonal to the network protocols. It is based on a reputation system, that allows to isolate ill-behaved nodes by rating their reputation as low, and distributed agents based on unsupervised learning algorithms (self-organizing maps), that are able to detect deviations from the normal behavior. An additional advantage of this approach is that it is quite independent of the attacks, and therefore it can detect and confine new, previously unknown, attacks. Unlike previous approaches, and due to the inherent insecurity of WMN nodes, we assume that confidentiality and integrity cannot be preserved for any single node.

[1]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[2]  Panagiotis Papadimitratos,et al.  Secure Routing for Mobile Ad Hoc Networks , 2002 .

[3]  Dorin Comaniciu,et al.  Nonparametric information fusion for motion estimation , 2003, 2003 IEEE Computer Society Conference on Computer Vision and Pattern Recognition, 2003. Proceedings..

[4]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2005, Wirel. Networks.

[5]  Victor C. M. Leung,et al.  Secure Routing for Mobile Ad Hoc Networks , 2006 .

[6]  Indranil Saha,et al.  Location Verification Based Defense Against Sybil Attack in Sensor Networks , 2006, ICDCN.

[7]  Azzedine Boukerche,et al.  Trust-based security for wireless ad hoc and sensor networks , 2007, Comput. Commun..

[8]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[9]  Peng Ning,et al.  Defending against Sybil attacks in sensor networks , 2005, 25th IEEE International Conference on Distributed Computing Systems Workshops.

[10]  Alberto Muñoz,et al.  Self-organizing maps for outlier detection , 1998, Neurocomputing.

[11]  Dawn Xiaodong Song,et al.  Random key predistribution schemes for sensor networks , 2003, 2003 Symposium on Security and Privacy, 2003..

[12]  Ashraf Saad,et al.  Hybrid intelligent systems for network security , 2006, ACM-SE 44.

[13]  Helge J. Ritter,et al.  Neural recognition of human pointing gestures in real images , 1996, Neural Processing Letters.

[14]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[15]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[16]  Elaine Shi,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[17]  Ran Canetti,et al.  Efficient and Secure Source Authentication for Multicast , 2001, NDSS.

[18]  Roberto Di Pietro,et al.  ECCE: Enhanced cooperative channel establishment for secure pair-wise communication in wireless sensor networks , 2007, Ad Hoc Networks.

[19]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[20]  Manel Guerrero Zapata Secure ad hoc on-demand distance vector routing , 2002, MOCO.

[21]  M. Aupetit,et al.  Function Approximation with Continuous Self-Organizing Maps using . . , 2000 .

[22]  Panagiotis Papadimitratos,et al.  Secure link state routing for mobile ad hoc networks , 2003, 2003 Symposium on Applications and the Internet Workshops, 2003. Proceedings..

[23]  Choong Seon Hong,et al.  Security in wireless sensor networks: issues and challenges , 2006, 2006 8th International Conference Advanced Communication Technology.

[24]  Yunghsiang Sam Han,et al.  A pairwise key pre-distribution scheme for wireless sensor networks , 2003, CCS '03.

[25]  Samir R Das,et al.  Ad hoc on-demand multipath distance vector routing , 2002, MOCO.

[26]  Wensheng Zhang,et al.  Securing distributed data storage and retrieval in sensor networks , 2007, Pervasive Mob. Comput..

[27]  José Manuel Moya,et al.  Using Reputation Systems and Non-Deterministic Routing to Secure Wireless Sensor Networks , 2009, Sensors.

[28]  Murat Demirbas,et al.  An RSSI-based scheme for sybil attack detection in wireless sensor networks , 2006, 2006 International Symposium on a World of Wireless, Mobile and Multimedia Networks(WoWMoM'06).