RAPID: Traffic-agnostic intrusion detection for resource-constrained wireless mesh networks

Abstract Due to the recent increased interest in wireless mesh networks (WMN), their security challenges have become of paramount importance. An important security mechanism for WMN, intrusion detection, has received considerable attention from the research community. Recent results show that traditional monitoring mechanisms are not applicable to real-world WMN due to their constrained resources (memory and processing power), which result in high false negative rates since only a few IDS functions can be activated on monitoring nodes. Cooperative solutions, on the other hand, have high communication overhead and detection delay when the traffic load is high. A practical traffic-aware IDS solution was recently proposed for resource-constrained WMN, however, traffic-awareness might not be feasible for some WMN applications. This article proposes a traffic-agnostic IDS solution that uses a link-coverage approach to monitor both local and backbone WMN traffic. Using real-world experiments and extensive simulations, we show that our proposed IDS solutions outperform traffic-aware IDS solutions while incurring lower computation and communication overhead.

[1]  Marcelo G. Rubinstein,et al.  Routing Metrics and Protocols for Wireless Mesh Networks , 2008, IEEE Network.

[2]  Karl N. Levitt,et al.  A general cooperative intrusion detection architecture for MANETs , 2005, Third IEEE International Workshop on Information Assurance (IWIA'05).

[3]  Raheem A. Beyah,et al.  Di-Sec: A distributed security framework for heterogeneous Wireless Sensor Networks , 2012, 2012 Proceedings IEEE INFOCOM.

[4]  Wenke Lee,et al.  Intrusion Detection Techniques for Mobile Wireless Networks , 2003, Wirel. Networks.

[5]  Jingsha He,et al.  A Distributed Intrusion Detection Scheme for Wireless Sensor Networks , 2008, 2008 The 28th International Conference on Distributed Computing Systems Workshops.

[6]  Prasant Mohapatra,et al.  QuRiNet: A wide-area wireless mesh testbed for research and experimental evaluations , 2010, 2010 Second International Conference on COMmunication Systems and NETworks (COMSNETS 2010).

[7]  Peng Ning,et al.  MrFair: Misbehavior-resistant fair scheduling in wireless mesh networks , 2012, Ad Hoc Networks.

[8]  Bernhard Walke,et al.  IEEE 802.11s: The WLAN Mesh Standard , 2010, IEEE Wireless Communications.

[9]  Ratan K. Guha,et al.  Effective intrusion detection using multiple sensors in wireless ad hoc networks , 2003, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the.

[10]  Steven Furnell,et al.  Friend-assisted intrusion detection and response mechanisms for mobile ad hoc networks , 2008, Ad Hoc Networks.

[11]  Guohong Cao,et al.  Distributed Monitoring and Aggregation in Wireless Sensor Networks , 2010, 2010 Proceedings IEEE INFOCOM.

[12]  David Hutchison,et al.  Intrusion detection systems for community wireless mesh networks , 2008, 2008 5th IEEE International Conference on Mobile Ad Hoc and Sensor Systems.

[13]  Paramvir Bahl,et al.  Feasibility study of mesh networks for all-wireless offices , 2006, MobiSys '06.

[14]  Udo W. Pooch,et al.  Alert aggregation in mobile ad hoc networks , 2003, WiSe '03.

[15]  References , 1971 .

[16]  Christos V. Verikoukis,et al.  Ubiquitous robust communications for emergency response using multi-operator heterogeneous networks , 2011, EURASIP J. Wirel. Commun. Netw..

[17]  Saurabh Bagchi,et al.  Optimal monitoring in multi-channel multi-radio wireless mesh networks , 2009, MobiHoc '09.

[18]  Guofei Gu,et al.  PRIDE: Practical Intrusion Detection in Resource Constrained Wireless Mesh Networks , 2013, ICICS.

[19]  Dongwoo Kim,et al.  Lifetime-enhancing selection of monitoring nodes for intrusion detection in mobile ad hoc networks , 2006 .

[20]  Gertjan van Stam,et al.  A Rural Implementation of a 52 Node Mixed Wireless Mesh Network in Macha, Zambia , 2009, AFRICOM.

[21]  Basem Shihada,et al.  Energy Efficient Monitoring for Intrusion Detection in Battery-Powered Wireless Mesh Networks , 2011, ADHOC-NOW.

[22]  Vyas Sekar,et al.  Network-wide deployment of intrusion detection and prevention systems , 2010, CoNEXT.

[23]  Radu Stoleru,et al.  On the optimality of cooperative intrusion detection for resource constrained wireless networks , 2013, Comput. Secur..

[24]  Manikantan ShilaDevu,et al.  Load aware traffic engineering for mesh networks , 2008 .

[25]  Vern Paxson,et al.  Bro: a system for detecting network intruders in real-time , 1998, Comput. Networks.

[26]  Rituparna Chaki,et al.  Intrusion Detection in Wireless Ad-Hoc Networks , 2014 .

[27]  Pang-Ning Tan,et al.  Distributed Detection of Selfish Routing in Wireless Mesh Networks , 2007 .

[28]  Saswati Sarkar,et al.  A framework for misuse detection in ad hoc Networks-part I , 2006, IEEE Journal on Selected Areas in Communications.

[29]  Theodore Tryfonas,et al.  A Family of Key Agreement Mechanisms for Mission Critical Communications for Secure Mobile Ad Hoc and Wireless Mesh Internetworking , 2011, EURASIP J. Wirel. Commun. Netw..

[30]  David Hutchison,et al.  OpenLIDS: a lightweight intrusion detection system for wireless mesh networks , 2009, MobiCom '09.

[31]  Ian F. Akyildiz,et al.  Wireless mesh networks: a survey , 2005, Comput. Networks.

[32]  Ana R. Cavalli,et al.  A Distributed and Collaborative Intrusion Detection Architecture for Wireless Mesh Networks , 2013, Mobile Networks and Applications.

[33]  Guofei Gu,et al.  Practical Intrusion Detection in Resource Constrained Wireless Mesh Networks , 2012 .

[34]  Songwu Lu,et al.  Self-organized network-layer security in mobile ad hoc networks , 2002, WiSE '02.

[35]  T. Anjali,et al.  A game theoretic approach to gray hole attacks in Wireless Mesh Networks , 2008, MILCOM 2008 - 2008 IEEE Military Communications Conference.

[36]  Mieso K. Denko,et al.  A hierarchical architecture for detecting selfish behaviour in community wireless mesh networks , 2011, Comput. Commun..

[37]  Matthias Hollick,et al.  DogoIDS: a mobile and active intrusion detection system for IEEE 802.11s wireless mesh networks , 2013, HotWiSec '13.

[38]  Songwu Lu,et al.  SCAN: self-organized network-layer security in mobile ad hoc networks , 2006, IEEE Journal on Selected Areas in Communications.

[39]  Vallipuram Muthukkumarasamy,et al.  Detecting Man-in-the-Middle and Wormhole Attacks in Wireless Mesh Networks , 2009, 2009 International Conference on Advanced Information Networking and Applications.

[40]  Bernhard Plattner,et al.  Routing Metrics for Wireless Mesh Networks , 2009, Guide to Wireless Mesh Networks.

[41]  Felix C. Freiling,et al.  Cooperative Intrusion Detection in Wireless Sensor Networks , 2009, EWSN.

[42]  Radu Stoleru,et al.  Towards Optimal Monitoring in Cooperative IDS for Resource Constrained Wireless Networks , 2011, 2011 Proceedings of 20th International Conference on Computer Communications and Networks (ICCCN).

[43]  Paul Gardner-Stephen,et al.  The Village Telco project: a reliable and practical wireless mesh telephony infrastructure , 2011, EURASIP J. Wirel. Commun. Netw..

[44]  William H. Robinson,et al.  A distributed intrusion detection system for resource-constrained devices in ad-hoc networks , 2010, Ad Hoc Networks.

[45]  Y. Li,et al.  A Wireless Sensor , AdHoc and Delay Tolerant Network System for Disaster Response , 2011 .

[46]  Qijun Gu,et al.  Collaborative Traffic-Aware Intrusion Monitoring in Multi-channel Mesh Networks , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[47]  Jianer Chen,et al.  Efficient flooding in Wireless Sensor Networks secured with neighborhood keys , 2011, 2011 IEEE 7th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[48]  LeeWenke,et al.  Intrusion detection techniques for mobile wireless networks , 2003 .

[49]  Harsha Chenji,et al.  A wireless system for reducing response time in Urban Search & Rescue , 2012, 2012 IEEE 31st International Performance Computing and Communications Conference (IPCCC).

[50]  Devu Manikantan Shila,et al.  Load-aware Traffic Engineering for Mesh Networks , 2007, 2007 16th International Conference on Computer Communications and Networks.