Abstract
This paper describes an intrusion detection system to identify impersonation attacks and Sybil attacks in wireless networks. The detection system uses radio device fingerprinting and has experimental performance comparable with existing intrusion detection methods. The detection systems for Sybil attacks have not been widely investigated to date, and this contribution of the paper is novel. The paper also derives analytical formulae relating metrics of the fingerprinting classification procedure with the metrics of the intrusion detection system. The formulae can be used to guide the selection of the fingerprinting classification method, knowing the desired performance of the detection system. The use of radio device fingerprinting simplifies the task of securing a wireless ad-hoc network.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Lunt, T.: Detecting intruders in computer systems. In: Proceedings of the 1993 Conference on Auditing and Computer Technology (1993)
Anderson, D., Frivold, T., Valdes, A.: Next-generation intrusion detection expert system (NIDES): A summary. SRI-CSL-95-07 (1995)
Ilgun, K., Kemmerer, R., Porras, P.: State transition analysis: A rule-based intrusion detection approach. IEEE Transactions on Software Engineering 21(3), 181–199 (1995)
Kumar, S., Spafford, E.H.: A software architecture to support misuse intrusion detection. In: Proceedings of the 18th National Conference on Information Security, pp. 192–204 (1995)
McHugh, J.: Testing intrusion detection systems: A critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory. ACM Transactions on Information and System Security 3(4), 262–294 (2000)
Lee, W., Stolfo, S.J.: A framework for constructing features and models for intrusion detection systems. ACM Transactions in Information and Systems Security 3(4), 227–261 (2000)
Vigna, G., Valeur, F., Kemmerer, R.A.: Designing and implementing a family of intrusion detection systems. In: Proceedings of ESEC/FSE 2003, pp. 88–97 (2003)
Zhang, Y., Lee, W.: Intrusion detection in wireless ad-hoc networks. In: Proceedings of the MOBICOM 2000, pp. 275–283 (2000)
Huang, Y.A., Lee, W.: A cooperative intrusion detection for ad hoc networks. In: Proceedings of the 1st ACM Workshop on Security of Ad Hoc and Sensor Networks, pp. 135–147 (2003)
Zhang, Y., Lee, W., Huang, Y.A.: Intrusion detection for mobile wireless networks. Wireless Networks 9, 545–556 (2003)
Otey, M., Parthasarathy, S., Gothing, A., Li, G., Narravula, S., Panda, D.: Towards NIC-based intrusion detection. In: Proceedings of SIGKDD 2003, pp. 723–728 (2003)
Hall, J., Barbeau, M., Kranakis, E.: Enhancing intrusion detection in wireless networks using radio frequency fingerprinting. In: Proceeding of Communications, Internet, and Information Technology (CIIT), St. Thomas, US Virgin Islands, pp. 46–56 (2004)
Hall, J., Barbeau, M., Kranakis, E.: Anomaly-based intrusion detection using mobility profiles of public transportation users. In: Proceedings of the IEEE International Conference on Wireless And Mobile Computing, Networking And Communications (WiMob 2005), vol. 2, pp. 17–24 (2005)
Hall, J., Barbeau, M., Kranakis, E.: Detecting impersonation attacks in future wireless and mobile networks. In: Proceedings of the Mobile Ad-hoc Networks and Sensors Workshop (MADNES) (2005)
de Silva, A., Martins, M., Rocha, B., Loureiro, A., Ruiz, L., Wong, H.: Decentralized intrusion detection in wireless sensor networks. In: Proceedings of Q2SWinet 2005, pp. 16–23 (2005)
Newsome, J., Shi, E., Song, D., Perrig, A.: The Sybil attack in sensor networks: Analysis and defenses. In: Third International Symposium on Information Processing in Sensor Networks, IPSN 2004, pp. 259–268 (2004)
Ureten, O., Serinken, N.: Bayesian detection of radio transmitter turn-on transients. In: Proceedings of NISP 1999, pp. 830–834 (1999)
Ureten, O., Serinken, N.: Detection, characterisation and classification of radio transmitter turn-on transients. In: Proceedings of the NATO ASI on Multisensor Data Fusion, pp. 611–616 (2002)
Hall, J., Barbeau, M., Kranakis, E.: Detection of transient in radio frequency fingerprinting using phase characteristics of signals. In: Proceedings of the 3rd IASTED International Conference on Wireless and Optical Communications (WOC), Banff, Alberta, Canada, pp. 13–18 (2003)
Tekbas, O., Serinken, N., Ureten, O.: An experimental performance evaluation of a novel radio-transmitter identification system under diverse environmental conditions. Canadian Journal of Electrical and Computer Engineering 29(3), 203–209 (2004)
Ureten, O., Serinken, N.: Bayesian detection of Wi-Fi transmitter RF fingerprints. Electronic Letters 41(6), 373–374 (2005)
Ureten, O., Serinken, N.: Wireless security through RF fingerprinting. Canadian Journal of Electrical and Computer Engineering (2006/2007) (accepted for publication)
Sieka, B.: Active fingerprinting of 802.11 devices by timing analysis. In: IEEE CCNC 2006, Las Vegas, NV, USA, pp. 15–19 (2006)
Yang, H., Ye, F., Yuan, Y., Lu, S., Arbaugh, W.: Toward resilient security in wireless sensor networks. In: Proceedings of MobiHoc 2005, pp. 34–45 (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sieka, B. (2006). Using Radio Device Fingerprinting for the Detection of Impersonation and Sybil Attacks in Wireless Networks. In: Buttyán, L., Gligor, V.D., Westhoff, D. (eds) Security and Privacy in Ad-Hoc and Sensor Networks. ESAS 2006. Lecture Notes in Computer Science, vol 4357. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11964254_16
Download citation
DOI: https://doi.org/10.1007/11964254_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69172-3
Online ISBN: 978-3-540-69173-0
eBook Packages: Computer ScienceComputer Science (R0)