Collaborative detection of traffic anomalies using first order Markov chains

Author

Dudek, Denise

Author_Institution

Karlsruhe Inst. of Technol., Inst. of Telematics, Karlsruhe, Germany

fYear

2012

fDate

11-14 June 2012

Firstpage

1

Lastpage

4

Abstract

The application of wireless sensor networks in safety-relevant scenarios often fails for reasons of security concerns. While some attacks may be prevented using cryptographic means, e.g., message authentication or encryption, preventing others, such as Denial of Service (DoS) with current technology is difficult. This paper proposes to detect DoS-related traffic anomalies using first order Markov chains. The approach allows to impose a strict limit on the number of states, thus avoiding state space explosion. It is shown that good detection results can be achieved - with more than 85% of the nodes achieving 3% false positive errors or less, in the worst case. Maximum false error rates can be drastically reduced using a simple collaboration scheme.

Keywords

Markov processes; security of data; telecommunication security; telecommunication traffic; wireless sensor networks; collaborative detection; denial of service attack; first order Markov chains; safety relevant scenario; traffic anomaly detection; wireless sensor network; Collaboration; Computer crime; Error analysis; Markov processes; Protocols; Runtime; Wireless sensor networks; Availability; Security; Wireless sensor networks;

fLanguage

English

Publisher

ieee

Conference_Titel

Networked Sensing Systems (INSS), 2012 Ninth International Conference on

Conference_Location

Antwerp

Print_ISBN

978-1-4673-1784-9

Electronic_ISBN

978-1-4673-1785-6

Type

conf

DOI

10.1109/INSS.2012.6240522

Filename

6240522