Abstract
Many mobile wireless networks unintentionally provide opportunity for attackers to launch anonymous attacks or spoof other users, often without fear of being caught. It’s often ideal for network carriers to block all traffic from an attacker, not just the attack traffic, for example to stop any concurrent attacks which cannot be detected by the carrier. We present an approach to detect common attacks at the access point, and leverage this with packet clustering to block all traffic originating from attackers during an attack. To achieve packet clustering, we utilize received signal strength at the access point to properly cluster attack packets according to each unique attacker, and further classify all other packets according to these clusters. Our approach is designed with attacker and legitimate user mobility in mind, low memory overhead, and is scalable to many simultaneous attackers. Our experimental results show very high classification accuracy, sensitivity and specificity.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Chen, Y., Terzis, A.: On the mechanisms and effects of calibrating RSSI measurements for 802.15.4 radios. In: Silva, J.S., Krishnamachari, B., Boavida, F. (eds.) EWSN 2010. LNCS, vol. 5970, pp. 256–271. Springer, Heidelberg (2010)
Faria, D.B., Cheriton, D.R.: Detecting identity-based attacks in wireless networks using signalprints. In: Proceedings of the 5th ACM Workshop on Wireless Security. WiSe 2006, pp. 43–52. ACM, New York (2006)
Guo, F., Chiueh, T.: Sequence number-based MAC address spoof detection. In: Valdes, A., Zamboni, D. (eds.) RAID 2005. LNCS, vol. 3858, pp. 309–329. Springer, Heidelberg (2006)
Handley, M., Paxson, V., Kreibich, C.: Network intrusion detection: evasion, traffic normalization, and end-to-end protocol semantics. In: Proceedings of the 10th Conference on USENIX Security Symposium. SSYM 2001, vol. 10, pp. 9–9. USENIX Association, Berkeley (2001). http://dl.acm.org/citation.cfm?id=1267612.1267621
Iannucci, B., Tague, P., Mengshoel, O.J., Lohn, J.: Crossmobile: A cross-layer architecture for next-generation wireless systems. Tech. Rep. CMU-SV-14-001, Carnegie Institute of Technology (March 2014)
Ling, Y., Gu, Y., Wei, G.: Detect syn flooding attack in edge routers. International Journal of Security and its Applications 3(1) (January 2009)
Lui, G., Gallagher, T., Li, B., Dempster, A., Rizos, C.: Differences in RSSI readings made by different wi-fi chipsets: a limitation of WLAN localization. In: 2011 International Conference on Localization and GNSS (ICL-GNSS), pp. 53–57, June 2011
Sheng, Y., Tan, K., Chen, G., Kotz, D., Campbell, A.: Detecting 802.11 MAC layer spoofing using received signal strength. In: The 27th Conference on Computer Communications. INFOCOM 2008. IEEE, April 2008
Sugano, M.: Indoor localization system using RSSI measurement of wireless sensor network based on zigbee standard. In: Wireless and Optical Communications, pp. 1–6. IASTED/ACTA Press (2006)
Varga, A., Hornig, R.: An overview of the omnet++ simulation environment. In: Proceedings of the 1st International Conference on Simulation Tools and Techniques for Communications, Networks and Systems & Workshops. Simutools 2008, pp. 60:1–60:10. ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering), Brussels, Belgium (2008)
Wang, H., Zhang, D., Shin, K.: Detecting SYN flooding attacks. In: Proceedings of IEEE INFOCOM, vol. 3, pp. 1530–1539 (2002)
Wessels, A., Wang, X., Laur, R., Lang, W.: Dynamic indoor localization using multilateration with RSSI in wireless sensor networks for transport logistics. Procedia Engineering 5, 220–223 (2010). eurosensor XXIV Conference
Xiao, B., Chen, W., He, Y., Sha, E.H.M.: An active detecting method against SYN flooding attack. In: The 11th IEEE International Conference on Parallel and Distributed Systems (ICPADS 2005), vol. 1, pp. 709–715, July 2005
Yang, J., Chen, Y., Trappe, W.: Detecting spoofing attacks in mobile wireless environments. In: 6th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks. SECON 2009, pp. 1–9, June 2009
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Ricks, B., Tague, P. (2015). Isolation of Multiple Anonymous Attackers in Mobile Networks. In: Qiu, M., Xu, S., Yung, M., Zhang, H. (eds) Network and System Security. NSS 2015. Lecture Notes in Computer Science(), vol 9408. Springer, Cham. https://doi.org/10.1007/978-3-319-25645-0_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-25645-0_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-25644-3
Online ISBN: 978-3-319-25645-0
eBook Packages: Computer ScienceComputer Science (R0)