An Event-Based Packet Dropping Detection Scheme for Wireless Mesh Networks

  • Anderson Morais
  • Ana Cavalli
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7672)

Abstract

In Wireless Mesh Networks (WMNs), mesh nodes cooperate and forward packets from each other in order to extend their communication range and reach nodes outside their transmission coverage. However, malicious nodes may refuse to cooperate by intentionally dropping packets in order to disrupt the integrity of network services. In this paper, we introduce a distributed and cooperative approach for detection of packet dropping attacks. Intrusion detectors are individually placed at each node to passively monitor the node behavior and exchange routing events and detection results with neighboring nodes. Based on the exchanged events, each node is able to instantly detect malicious behavior on the own node’s communication link or in the neighborhood. A virtualized mesh network environment composed of virtual machines is used to implement the distributed detection approach and demonstrate its effectiveness and reliability for detecting packet dropping attacks in the mesh network.

Keywords

Packet dropping attack Intrusion detection system Wireless mesh network Routing misbehavior 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Zhang, W., Wang, Z., Das, S.K., Hassan, M.: Security issues in wireless mesh networks. Wireless Mesh Networks: Architectures and Protocols. Springer, New York (2008)Google Scholar
  2. 2.
    Akyildiz, I.F., Wang, X., Wang, W.: Wireless mesh networks: a survey. Computer Networks 47, 445–487 (2005)CrossRefMATHGoogle Scholar
  3. 3.
    Huang, Y., Lee, W.: A cooperative intrusion detection system for ad-hoc networks. In: 1st Workshop on Security of Ad-Hoc and Sensor Networks (SASN 2003), pp. 135–147 (2003)Google Scholar
  4. 4.
    Yu, Y., Li, K., Zhou, W., Li, P.: Trust mechanisms in wireless sensor networks: Attack analysis and countermeasures. Journal of Network and Computer Applications 35(3), 867–880 (2012)CrossRefGoogle Scholar
  5. 5.
    Yang, H., Shu, J., Meng, X., Lu, S.: SCAN: self-organized network-layer security in mobile ad-hoc networks. IEEE Journal on Selected Areas in Communications 24(2), 261–273 (2006)CrossRefGoogle Scholar
  6. 6.
    Komninos, N., Douligeris, C.: LIDF: layered intrusion detection framework for ad-hoc networks. Ad Hoc Networks 7(1), 171–182 (2009)CrossRefGoogle Scholar
  7. 7.
    Saxena, N., Denko, M., Banerji, D.: A hierarchical architecture for detecting selfish behaviour in community wireless mesh networks. Computer Communications 34(4), 548–555 (2011)CrossRefGoogle Scholar
  8. 8.
    Bo-Chao, C., Ryh-Yuh, T.: A Context Adaptive Intrusion Detection System for MANET. Computer Communications 34(3), 310–318 (2011)CrossRefGoogle Scholar
  9. 9.
    Hu, J.: Host-Based Anomaly Intrusion Detection. In: Handbook of Information and Communication Security, pp. 235–255 (2010)Google Scholar
  10. 10.
    Razak, S.A., Furnell, S.M., Clarke, N.L., Brooke, P.J.: Friend-assisted intrusion detection and response mechanisms for mobile ad hoc networks. Ad Hoc Networks 6(7), 1151–1167 (2008)CrossRefGoogle Scholar
  11. 11.
    Neumann, A., Aichele, C., Lindner, M., Wunderlich, S.: Better Approach To Mobile Ad-hoc Networking (B.A.T.M.A.N.). IETF Internet-Draft (expired October 2008) (April 2008) Google Scholar
  12. 12.
    Morais, A.,Cavalli, A.: Route Manipulation Attack in Wireless Mesh Networks. In: 25th IEEE International Conference on Advanced Information Networking and Applications (AINA 2011), pp. 501–508 (March 2011) Google Scholar
  13. 13.
    B.A.T.M.A.N. advanced version 2011.2.0, http://www.open-mesh.org/
  14. 14.
    QEMU - machine emulator and virtualizer, http://wiki.qemu.org/
  15. 15.
  16. 16.
    Virtual Distributed Ethernet switch, http://wiki.virtualsquare.org/wiki/index.php/VDE/
  17. 17.
    Bro - Network Security Monitor, http://bro-ids.org/
  18. 18.
    Abolhasan, M., Hagelstein, B., Wang, J.C.-P.: Real-world performance of current proactive multi-hop mesh protocols. In: 15th Asia-Pacific Conference on Communications (APCC 2009), pp. 42–45. IEEE Press, Piscataway (2009)Google Scholar
  19. 19.
    Morais, A., Cavalli, A.: A Distributed Intrusion Detection Scheme for Wireless Ad Hoc Networks. In: 27th Annual ACM Symposium on Applied Computing (March 2012)Google Scholar
  20. 20.
    Paxson, V.: Bro: A System for Detecting Network Intruders in Real-Time. Computer Networks 31(23-24), 2435–2463 (1999)CrossRefGoogle Scholar
  21. 21.
    Morais, A., Cavalli, A.: Detection of Attacks in Wireless Mesh Networks. In: 5th Latin-American Symposium on Dependable Computing (LADC 2011), pp. 45–54 (April 2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Anderson Morais
    • 1
  • Ana Cavalli
    • 1
  1. 1.Software-Networks DepartmentTelecom SudParisFrance

Personalised recommendations