DocumentCode
3286901
Title
Relationship -based Detection of Spoofing -related Anomalous Traffic in Ad Hoc Networks
Author
Li, Qing ; Trappe, Wade
Author_Institution
Lab. of Wireless Inf. Network, Rutgers Univ., Piscataway, NJ
Volume
1
fYear
2006
fDate
28-28 Sept. 2006
Firstpage
50
Lastpage
59
Abstract
Spoofing is a serious threat for both ad hoc and sensor networks, that can cause adverse effects on a network´s operations. Although cryptographic authentication can assure the identity of a transmitter, authentication is not always desirable or possible as it requires key management and more extensive computations. In this paper we argue that it is desirable to have a functionality complementary to traditional authentication that can detect device spoofing with no dependency on cryptographic material. Towards this objective, we propose using forge-resistant relationships associated with transmitted packets to detect anomalous activity. Our strategy is generic, operates in a 1-hop neighborhood, and thus can locally provide protection in order to defend ad hoc or sensor networks from anomalous intrusions. As two specific constructions, we explore the use of monotonic relationships in the sequence number fields, and the enforcement of statistical characteristics of legitimate traffic. We then provide an example of how these relationships can be used to construct a classifier that provides a multi-level threat assessment. We validate the usefulness of these methods for anomalous traffic scenarios involving multiple sources sharing the same MAC address through experiments conducted on the ORBIT wireless testbed
Keywords
ad hoc networks; cryptography; statistical analysis; telecommunication security; telecommunication traffic; wireless sensor networks; MAC address; ad hoc networks; anomalous activity; cryptographic authentication; forge-resistant relationships; key management; multilevel threat assessment; relationship-based detection; sensor networks; spoofing-related anomalous traffic; statistical characteristics; the ORBIT wireless testbed; Ad hoc networks; Authentication; Communications Society; Cryptography; Identity management systems; Laboratories; Protection; Telecommunication traffic; Transmitters; Wireless sensor networks;
fLanguage
English
Publisher
ieee
Conference_Titel
Sensor and Ad Hoc Communications and Networks, 2006. SECON '06. 2006 3rd Annual IEEE Communications Society on
Conference_Location
Reston, VA
Print_ISBN
1-4244-0626-9
Type
conf
DOI
10.1109/SAHCN.2006.288408
Filename
4068107
Link To Document