skip to main content
research-article

An Analytic Framework for Modeling and Detecting Access Layer Misbehavior in Wireless Networks

Published:01 July 2008Publication History
Skip Abstract Section

Abstract

The widespread deployment of wireless networks and hot spots that employ the IEEE 802.11 technology has forced network designers to put emphasis on the importance of ensuring efficient and fair use of network resources. In this work we propose a novel framework for detection of intelligent adaptive adversaries in the IEEE 802.11 MAC by addressing the problem of detection of the worst-case scenario attacks. Utilizing the nature of this protocol we employ sequential detection methods for detecting greedy behavior and illustrate their performance for detection of least favorable attacks. By using robust statistics in our problem formulation, we attempt to utilize the precision given by parametric tests, while avoiding the specification of the adversarial distribution. This approach establishes the lowest performance bound of a given Intrusion Detection System (IDS) in terms of detection delay and is applicable in online detection systems where users who pay for their services want to obtain the information about the best and the worst case scenarios and performance bounds of the system. This framework is meaningful for studying misbehavior due to the fact that it does not focus on specific adversarial strategies and therefore is applicable to a wide class of adversarial strategies.

References

  1. Axelsson, S. 1999. The base-rate fallacy and its implications for the difficulty of intrusion detection. In Proceedings of the 6th ACM Conference on Computer and Communications Security (CCS'99). 1--7. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Bellardo, J. and Savage, S. 2003. 802.11 denial-of-service attacks: real vulnerabilities and practical solutions. In Proceedings of USENIX Security Symposium. San Antonio, TX. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Bertsekas, D. 2003. Convex Analysis and Optimization. Athena Scientific.Google ScholarGoogle Scholar
  4. Buchegger, S. and Boudec, J.-Y. L. 2002. Performance Analysis of the CONFIDANT Protocol. In Proceedings of the ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc'02). Lausanne, Switzerland. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Cárdenas, A. A., Baras, J. S., and Seamon, K. 2006. A framework for the evaluation of intrusion detection systems. In Proceedings of the IEEE Symposium on Security and Privacy (SP'06). Oakland, CA. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. Cárdenas, A. A., Radosavac, S. R., and Baras, J. S. 2004. Detection and prevention of MAC layer misbehavior in ad hoc networks. In Proceedings of the ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN'04). 17--22. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Dragalin, V., Tartakovsky, A., and Veeravalli, V. 1999. Multihypothesis sequential probability ratio tests - Part I: Asymptotic optimality. IEEE Trans. Inform. Theory 45, 7 (Nov.), 2448--2461. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Gupta, V., Krishnamurthy, S., and Faloutsos, M. 2002. Denial of service attacks at the MAC layer in wireless ad hoc networks. In Proceedings of the IEEE Military Communications Conference (MILCOM'02).Google ScholarGoogle Scholar
  9. IEEE. 1999. IEEE wireless LAN medium access control (MAC) and physical layer (PHY) specifications.Google ScholarGoogle Scholar
  10. Kassam, S. and Poor, H. 1985. Robust techniques for signal processing: A survey. Proceedings IEEE 73, 3 (March), 433--481.Google ScholarGoogle ScholarCross RefCross Ref
  11. Kyasanur, P. and Vaidya, N. 2003. Detection and handling of MAC layer misbehavior in wireless networks. In Proceedings of International Conference on Dependable Systems and Networks (DSN'03).Google ScholarGoogle Scholar
  12. Marti, S., Giuli, T. J., Lai, K., and Baker, M. 2000. Mitigating routing misbehavior in mobile ad hoc networks. In Proceedings of the 6th Annual International Conference on Mobile Computing and Networking (MobCom'00). 255--265. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Radosavac, S., Baras, J. S., and Koutsopoulos, I. 2005. A framework for MAC protocol misbehavior detection in wireless networks. In Proceedings of the 4th ACM Workshop on Wireless Security (WiSe'05). 33--42. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Raya, M., Hubaux, J.-P., and Aad, I. 2004. DOMINO: A system to detect greedy behavior in IEEE 802.11 Hotspots. In Proceedings of the International Conference on Mobile Systems, Applications and Services (MobiSys'04). 84--97. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Čagalj, M., Ganeriwal, S., Aad, I., and Hubaux, J.-P. 2005. On selfish behavior in CSMA/CA networks. In Proceedings of the Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM'05).Google ScholarGoogle Scholar
  16. Verdu, S. and H.V.Poor. 1984. On minimax robustness: a general approach and applications. IEEE Trans. Inform. Theory 30, 2 (March), 328--340.Google ScholarGoogle ScholarCross RefCross Ref
  17. Wald, A. 1947. Sequential Analysis. New York: John Wiley and Sons.Google ScholarGoogle Scholar
  18. Wald, A. and Wolfowitz, J. 1948. Optimum character of the sequential probability ratio test. Ann. Math. Statist. 19, 326--339.Google ScholarGoogle ScholarCross RefCross Ref

Index Terms

  1. An Analytic Framework for Modeling and Detecting Access Layer Misbehavior in Wireless Networks

      Recommendations

      Comments

      Login options

      Check if you have access through your login credentials or your institution to get full access on this article.

      Sign in

      Full Access

      • Published in

        cover image ACM Transactions on Information and System Security
        ACM Transactions on Information and System Security  Volume 11, Issue 4
        July 2008
        232 pages
        ISSN:1094-9224
        EISSN:1557-7406
        DOI:10.1145/1380564
        Issue’s Table of Contents

        Copyright © 2008 ACM

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        • Published: 1 July 2008
        • Accepted: 1 February 2008
        • Revised: 1 August 2007
        • Received: 1 August 2006
        Published in tissec Volume 11, Issue 4

        Permissions

        Request permissions about this article.

        Request Permissions

        Check for updates

        Qualifiers

        • research-article
        • Research
        • Refereed

      PDF Format

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader
      About Cookies On This Site

      We use cookies to ensure that we give you the best experience on our website.

      Learn more

      Got it!