RIDA: Robust Intrusion Detection in Ad Hoc Networks
We focus on detecting intrusions in wireless ad hoc networks using the misuse detection technique. We allow for detection modules that periodically fail to detect attacks and also generate false positives. Combining theories of hypothesis testing and approximation algorithms, we develop a framework to counter different threats while minimizing the resource consumption. We obtain computationally simple optimal rules for aggregating and thereby minimizing the errors in the decisions of the nodes executing the intrusion detection software (IDS) modules. But we show that the selection of the optimal set of nodes for executing the IDS is an NP-hard problem. We present a polynomial complexity selection algorithm that attains a guaranteeable approximation bound. We also modify this algorithm to allow for seamless operation in time-varying topologies, and evaluate the efficacy of the approximation algorithm and its modifications using simulation. We identify a selection algorithm that attains a good balance between performance and complexity for attaining robust intrusion detection in ad hoc networks.
SAXS and SANS studies of surfactants and reverse micelles in supercritical CO₂
Surfactants promise to extend the applicability of supercritical CO₂ (SC-CO₂) to processing of insoluble materials such as polymers and aqueous systems. In this short paper the authors summarize the techniques for studying surfactants and reverse micelles in SC-CO₂ using SAXS and SANS; they will describe the scattering instruments and the pressure cells for conducting these studies; they will describe the types of measurement that yield the desired characterizations; they will describe the methods of data analysis and interpretation; and they will provide illustrative results from this laboratory. Industry seeks to replace common organic solvents now used in many reaction and separation processes; SC-CO₂ is a potential solvent substitute widely favored by both government and industry. The currently available surfactants are limited in number and performance. In ongoing work the authors are coupling their SAXS and SANS scattering studies with complementary molecular simulations in efforts to understand, at a molecular level, what surfactant characteristics lead to improved performance. They hope that superior surfactants for use in SC-CO₂ can be designed and synthesized based on this new level of understanding.
A novel privacy preserving user identification approach for network traffic
The prevalence of the Internet and cloud-based applications, alongside the technological evolution of smartphones, tablets and smartwatches, has resulted in users relying upon network connectivity more than ever before. This results in an increasingly voluminous footprint with respect to the network traffic that is created as a consequence. For network forensic examiners, this traffic represents a vital source of independent evidence in an environment where anti-forensics is increasingly challenging the validity of computer-based forensics. Performing network forensics today largely focuses upon an analysis based upon the Internet Protocol (IP) address – as this is the only characteristic available. More typically, however, investigators are not actually interested in the IP address but rather the associated user (whose account might have been compromised). However, given the range of devices (e.g., laptop, mobile, and tablet) that a user might be using and the widespread use of DHCP, IP is not a reliable and consistent means of understanding the traffic from a user. This paper presents a novel approach to the identification of users from network traffic using only the meta-data of the traffic (i.e. rather than payload) and the creation of application-level user interactions, which are proven to provide a far richer discriminatory feature set to enable more reliable identity verification. A study involving data collected from 46 users over a two-month period, which generated over 112 GBs of meta-data traffic, was undertaken to examine the novel user-interaction based feature extraction algorithm. On an individual application basis, the approach can achieve recognition rates of 90%, with some users experiencing recognition performance of 100%. The consequence of this recognition is an enormous reduction in the volume of traffic an investigator has to analyse, allowing them to focus upon a particular suspect or enabling them to disregard traffic and focus upon what is left.