Abstract
The widespread deployment of wireless networks and hot spots that employ the IEEE 802.11 technology has forced network designers to put emphasis on the importance of ensuring efficient and fair use of network resources. In this work we propose a novel framework for detection of intelligent adaptive adversaries in the IEEE 802.11 MAC by addressing the problem of detection of the worst-case scenario attacks. Utilizing the nature of this protocol we employ sequential detection methods for detecting greedy behavior and illustrate their performance for detection of least favorable attacks. By using robust statistics in our problem formulation, we attempt to utilize the precision given by parametric tests, while avoiding the specification of the adversarial distribution. This approach establishes the lowest performance bound of a given Intrusion Detection System (IDS) in terms of detection delay and is applicable in online detection systems where users who pay for their services want to obtain the information about the best and the worst case scenarios and performance bounds of the system. This framework is meaningful for studying misbehavior due to the fact that it does not focus on specific adversarial strategies and therefore is applicable to a wide class of adversarial strategies.
- Axelsson, S. 1999. The base-rate fallacy and its implications for the difficulty of intrusion detection. In Proceedings of the 6th ACM Conference on Computer and Communications Security (CCS'99). 1--7. Google Scholar
Digital Library
- Bellardo, J. and Savage, S. 2003. 802.11 denial-of-service attacks: real vulnerabilities and practical solutions. In Proceedings of USENIX Security Symposium. San Antonio, TX. Google Scholar
Digital Library
- Bertsekas, D. 2003. Convex Analysis and Optimization. Athena Scientific.Google Scholar
- Buchegger, S. and Boudec, J.-Y. L. 2002. Performance Analysis of the CONFIDANT Protocol. In Proceedings of the ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc'02). Lausanne, Switzerland. Google Scholar
Digital Library
- Cárdenas, A. A., Baras, J. S., and Seamon, K. 2006. A framework for the evaluation of intrusion detection systems. In Proceedings of the IEEE Symposium on Security and Privacy (SP'06). Oakland, CA. Google Scholar
Digital Library
- Cárdenas, A. A., Radosavac, S. R., and Baras, J. S. 2004. Detection and prevention of MAC layer misbehavior in ad hoc networks. In Proceedings of the ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN'04). 17--22. Google Scholar
Digital Library
- Dragalin, V., Tartakovsky, A., and Veeravalli, V. 1999. Multihypothesis sequential probability ratio tests - Part I: Asymptotic optimality. IEEE Trans. Inform. Theory 45, 7 (Nov.), 2448--2461. Google Scholar
Digital Library
- Gupta, V., Krishnamurthy, S., and Faloutsos, M. 2002. Denial of service attacks at the MAC layer in wireless ad hoc networks. In Proceedings of the IEEE Military Communications Conference (MILCOM'02).Google Scholar
- IEEE. 1999. IEEE wireless LAN medium access control (MAC) and physical layer (PHY) specifications.Google Scholar
- Kassam, S. and Poor, H. 1985. Robust techniques for signal processing: A survey. Proceedings IEEE 73, 3 (March), 433--481.Google Scholar
Cross Ref
- Kyasanur, P. and Vaidya, N. 2003. Detection and handling of MAC layer misbehavior in wireless networks. In Proceedings of International Conference on Dependable Systems and Networks (DSN'03).Google Scholar
- Marti, S., Giuli, T. J., Lai, K., and Baker, M. 2000. Mitigating routing misbehavior in mobile ad hoc networks. In Proceedings of the 6th Annual International Conference on Mobile Computing and Networking (MobCom'00). 255--265. Google Scholar
Digital Library
- Radosavac, S., Baras, J. S., and Koutsopoulos, I. 2005. A framework for MAC protocol misbehavior detection in wireless networks. In Proceedings of the 4th ACM Workshop on Wireless Security (WiSe'05). 33--42. Google Scholar
Digital Library
- Raya, M., Hubaux, J.-P., and Aad, I. 2004. DOMINO: A system to detect greedy behavior in IEEE 802.11 Hotspots. In Proceedings of the International Conference on Mobile Systems, Applications and Services (MobiSys'04). 84--97. Google Scholar
Digital Library
- Čagalj, M., Ganeriwal, S., Aad, I., and Hubaux, J.-P. 2005. On selfish behavior in CSMA/CA networks. In Proceedings of the Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM'05).Google Scholar
- Verdu, S. and H.V.Poor. 1984. On minimax robustness: a general approach and applications. IEEE Trans. Inform. Theory 30, 2 (March), 328--340.Google Scholar
Cross Ref
- Wald, A. 1947. Sequential Analysis. New York: John Wiley and Sons.Google Scholar
- Wald, A. and Wolfowitz, J. 1948. Optimum character of the sequential probability ratio test. Ann. Math. Statist. 19, 326--339.Google Scholar
Cross Ref
Index Terms
An Analytic Framework for Modeling and Detecting Access Layer Misbehavior in Wireless Networks
Recommendations
Sequencing technique: an enhancement to 802.11 medium access control to improve the performance of wireless networks
This paper presents a technique known as sequencing on MAC layer for wireless networks. MAC layer issues are very important while accessing channel over wireless networks. Normally, communication uses Request To Send/Clear To Send (RTS/CTS) mechanism to ...
On MAC-layer denial of service attacks in IEEE 802.11 ad hoc networks: analysis and counter measures
Network survivability is fundamental to information security. Adversaries could compromise network functionality by attacking the physical layer, the Medium Access Control (MAC) layer or the network layer. Even though security mechanisms for the network ...
A framework for MAC protocol misbehavior detection in wireless networks
WiSe '05: Proceedings of the 4th ACM workshop on Wireless securityThe pervasiveness of wireless devices and the architectural organization of wireless networks in distributed communities, where no notion of trust can be assumed, are the main reasons for the growing interest in the issue of compliance to protocol ...






Comments