24 research outputs found
Data analytics methods for attack detection and localization in wireless networks
Wireless ad hoc network operates without any fixed infrastructure and centralized administration. It is a group of wirelessly connected nodes having the capability to work as host and router. Due to its features of open communication medium, dynamic changing topology, and cooperative algorithm, security is the primary concern when designing wireless networks. Compared to the traditional wired network, a clean division of layers may be sacrificed for performance in wireless ad hoc networks. As a result, they are vulnerable to various types of attacks at different layers of the protocol stack. In this paper, I present real-time series data analysis solutions to detect various attacks including in- band wormholes attack in the network layer, various MAC layer misbehaviors, and jamming attack in the physical layer. And, I also investigate the problem of node localization in wireless and sensor networks, where a total of n anchor nodes are used to determine the locations of other nodes based on the received signal strengths. A range-based machine learning algorithm is developed to tackle the challenges --Abstract, page iii
MAC Layer Misbehavior Effectiveness and Collective Aggressive Reaction Approach
Abstract-Current wireless MAC protocols are designed to provide an equal share of throughput to all nodes in the network. However, the presence of misbehaving nodes (selfish nodes which deviate from standard protocol behavior in order to get higher bandwidth) poses severe threats to the fairness aspects of MAC protocols. In this paper, we investigate various types of MAC layer misbehaviors, and evaluate their effectiveness in terms of their impact on important performance aspects including throughput, and fairness to other users. We observe that the effects of misbehavior are prominent only when the network traffic is sufficiently large and the extent of misbehavior is reasonably aggressive. In addition, we find that performance gains achieved using misbehavior exhibit diminishing returns with respect to its aggressiveness, for all types of misbehaviors considered. We identify crucial common characteristics among such misbehaviors, and employ our learning to design an effective measure to react towards such misbehaviors. Employing two of the most effective misbehaviors, we study the effect of collective aggressiveness of non-selfish nodes as a possible strategy to react towards selfish misbehavior. Particularly, we demonstrate that a collective aggressive reaction approach is able to ensure fairness in the network, however at the expense of overall network throughput degradation
Secure Routing and Medium Access Protocols inWireless Multi-hop Networks
While the rapid proliferation of mobile devices along with the tremendous growth of various applications using
wireless multi-hop networks have significantly facilitate our human life, securing and ensuring high quality
services of these networks are still a primary concern. In particular, anomalous protocol operation in wireless
multi-hop networks has recently received considerable attention in the research community. These relevant security
issues are fundamentally different from those of wireline networks due to the special characteristics of
wireless multi-hop networks, such as the limited energy resources and the lack of centralized control. These issues
are extremely hard to cope with due to the absence of trust relationships between the nodes.
To enhance security in wireless multi-hop networks, this dissertation addresses both MAC and routing layers
misbehaviors issues, with main focuses on thwarting black hole attack in proactive routing protocols like OLSR,
and greedy behavior in IEEE 802.11 MAC protocol. Our contributions are briefly summarized as follows.
As for black hole attack, we analyze two types of attack scenarios: one is launched at routing layer, and the
other is cross layer. We then provide comprehensive analysis on the consequences of this attack and propose
effective countermeasures.
As for MAC layer misbehavior, we particularly study the adaptive greedy behavior in the context of Wireless
Mesh Networks (WMNs) and propose FLSAC (Fuzzy Logic based scheme to Struggle against Adaptive Cheaters)
to cope with it. A new characterization of the greedy behavior in Mobile Ad Hoc Networks (MANETs) is also
introduced. Finally, we design a new backoff scheme to quickly detect the greedy nodes that do not comply with
IEEE 802.11 MAC protocol, together with a reaction scheme that encourages the greedy nodes to become honest
rather than punishing them
Secure Routing and Medium Access Protocols inWireless Multi-hop Networks
While the rapid proliferation of mobile devices along with the tremendous growth of various applications using
wireless multi-hop networks have significantly facilitate our human life, securing and ensuring high quality
services of these networks are still a primary concern. In particular, anomalous protocol operation in wireless
multi-hop networks has recently received considerable attention in the research community. These relevant security
issues are fundamentally different from those of wireline networks due to the special characteristics of
wireless multi-hop networks, such as the limited energy resources and the lack of centralized control. These issues
are extremely hard to cope with due to the absence of trust relationships between the nodes.
To enhance security in wireless multi-hop networks, this dissertation addresses both MAC and routing layers
misbehaviors issues, with main focuses on thwarting black hole attack in proactive routing protocols like OLSR,
and greedy behavior in IEEE 802.11 MAC protocol. Our contributions are briefly summarized as follows.
As for black hole attack, we analyze two types of attack scenarios: one is launched at routing layer, and the
other is cross layer. We then provide comprehensive analysis on the consequences of this attack and propose
effective countermeasures.
As for MAC layer misbehavior, we particularly study the adaptive greedy behavior in the context of Wireless
Mesh Networks (WMNs) and propose FLSAC (Fuzzy Logic based scheme to Struggle against Adaptive Cheaters)
to cope with it. A new characterization of the greedy behavior in Mobile Ad Hoc Networks (MANETs) is also
introduced. Finally, we design a new backoff scheme to quickly detect the greedy nodes that do not comply with
IEEE 802.11 MAC protocol, together with a reaction scheme that encourages the greedy nodes to become honest
rather than punishing them
Detection of selfish manipulation of carrier sensing in 802.11 networks
Recently, tuning the clear channel assessment (CCA) threshold in conjunction with power control has been considered for improving the performance of WLANs. However, we show that, CCA tuning can be exploited by selfish nodes to obtain an unfair share of the available bandwidth. Specifically, a selfish entity can manipulate the CCA threshold to ignore ongoing transmissions; this increases the probability of accessing the medium and provides the entity a higher, unfair share of the bandwidth. We experiment on our 802.11 testbed to characterize the effects of CCA tuning on both isolated links and in 802.11 WLAN configurations. We focus on AP-client(s) configurations, proposing a novel approach to detect this misbehavior. A misbehaving client is unlikely to recognize low power receptions as legitimate packets; by intelligently sending low power probe messages, an AP can efficiently detect a misbehaving node. Our key contributions are: 1) We are the first to quantify the impact of selfish CCA tuning via extensive experimentation on various 802.11 configurations. 2) We propose a lightweight scheme for detecting selfish nodes that inappropriately increase their CCAs. 3) We extensively evaluate our system on our testbed; its accuracy is 95 percent while the false positive rate is less than 5 percent. © 2012 IEEE
Collaboration Enforcement In Mobile Ad Hoc Networks
Mobile Ad hoc NETworks (MANETs) have attracted great research interest in recent years. Among many issues, lack of motivation for participating nodes to collaborate forms a major obstacle to the adoption of MANETs. Many contemporary collaboration enforcement techniques employ reputation mechanisms for nodes to avoid and penalize malicious participants. Reputation information is propagated among participants and updated based on complicated trust relationships to thwart false accusation of benign nodes. The aforementioned strategy suffers from low scalability and is likely to be exploited by adversaries. To address these problems, we first propose a finite state model. With this technique, no reputation information is propagated in the network and malicious nodes cannot cause false penalty to benign hosts. Misbehaving node detection is performed on-demand; and malicious node punishment and avoidance are accomplished by only maintaining reputation information within neighboring nodes. This scheme, however, requires that each node equip with a tamper-proof hardware. In the second technique, no such restriction applies. Participating nodes classify their one-hop neighbors through direct observation and misbehaving nodes are penalized within their localities. Data packets are dynamically rerouted to circumvent selfish nodes. In both schemes, overall network performance is greatly enhanced. Our approach significantly simplifies the collaboration enforcement process, incurs low overhead, and is robust against various malicious behaviors. Simulation results based on different system configurations indicate that the proposed technique can significantly improve network performance with very low communication cost
Protecting 802.11-Based Wireless Networks From SCTS and JACK Attacks
The convenience of IEEE 802.11-based wireless access networks has led to widespread deployment. However, these applications are predicated on the assumption of availability and confidentiality. Error-prone wireless networks afford an attacker considerable flexibility to exploit the vulnerabilities of 802.11-based mechanism. Two of most famous misbehaviors are selfish and malicious attacks. In this thesis we investigate two attacks: Spurious CTS attack (SCTS) and Jamming ACK attack (JACK). In the SCTS, malicious nodes may send periodic Spurious CTS packets to force other nodes to update their NAV values and prevent them from using the channel. In the JACK, an attacker ruins legitimate ACK packets for the intention of disrupting the traffic flow and draining the battery energy of victim nodes quickly. Correspondingly, we propose solutions: termed Carrier Sensing based Discarding (CSD), and Extended Network Allocation Vector (ENAV) scheme. We further demonstrate the performance of our proposed schemes through analysis and NS2 simulations