Synoptic analysis techniques for intrusion detection in wireless networks

Current system administrators are missing intrusion alerts hidden by large numbers of false positives. Rather than accumulation more data to identify true alerts, we propose an intrusion detection tool that e?ectively uses select data to provide a picture of ?network health?. Our hypothesis is that by utilizing the data available at both the node and cooperative network levels we can create a synoptic picture of the network providing indications of many intrusions or other network issues. Our major contribution is to provide a revolutionary way to analyze node and network data for patterns, dependence, and e?ects that indicate network issues. We collect node and network data, combine and manipulate it, and tease out information about the state of the network. We present a method based on utilizing the number of packets sent, number of packets received, node reliability, route reliability, and entropy to develop a synoptic picture of the network health in the presence of a sinkhole and a HELLO Flood attacker. This method conserves network throughput and node energy by requiring no additional control messages to be sent between the nodes unless an attacker is suspected. We intend to show that, although the concept of an intrusion detection system is not revolutionary, the method in which we analyze the data for clues about network intrusion and performance is highly innovative

Security aspects of policy controlled cognitive radio

Cognitive radio networks envision coexistence of several primary and secondary systems in the same environment, where the secondary system actors must cooperate among each other to achieve the goal of higher spectrum utilization concurrently protecting the primary system. The nature of this type of networks makes them vulnerable to a variety of malicious attacks that can decrease the performance of the secondary and especially the primary system. This paper focuses on the security issues in policy controlled cognitive networks and identifies several security threats in terms of the main policy processes. The paper elaborates on the reflection of the security threats on the network behavior and performance and gives generic guidelines on how to protect from these attacks and alleviate their impact in the overall cognitive network performance. Furthermore, the paper describes the system model for a secure communication protocol to exchange the spectrum policies. The proposed model is analyzed and evaluated for two specific use-cases: opportunistic spectrum sharing in white spaces and prioritized spectrum sharing.JRC.G.6-Security technology assessmen