A mechanism for detecting and responding to misbehaving nodes in wireless networks

Damon McCoy, Doug Sicker, Dirk Grunwald

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    While mechanisms exist to instantiate common security functionality such as confidentiality and integrity, little has been done to define a mechanism for identification and remediation of devices engaging in behavior deemed inappropriate. This ability is particularly relevant as devices become increasingly adaptive through the development of software-defined and frequency agile radios. Adaptive devices can alter their behavior in a way that is noncompliant to a given set of standards and thus cause problems for other compliant devices. We address this deficiency by developing and assessing a mechanism for detecting misbehaving nodes in wireless systems. While we developed our system on an 802.11 network, the same approach could readily be applied to other wireless networks. Our mechanism is based on a reputation-enabled intrusion detection system, in which a centralized trust authority monitors traffic and collects secondhand information on potentially misbehaving nodes. The system integrates a mixture of alarms and reports to calculate a reputation vector of all nodes in the system. An XML based policy engine is used to detect policy violations. These mechanisms are built to be flexible and extensible in order to deal with the issues arising out of software programmable devices. In extending beyond traditional intrusion detection, our approach will incorporate physical layer information, such as power and frequency use, in determining improper behavior. In evaluating the system, we consider how our mechanism, 1) impacts system performance, 2) correctly identifies misbehaving nodes, 3) addresses "bad mouthing" and 4) resists collusion.

    Original languageEnglish (US)
    Title of host publication2007 2nd IEEE Workshop on Networking Technologies for Software Defined Radio Networks, SDR
    Pages48-54
    Number of pages7
    DOIs
    StatePublished - 2007
    Event2nd IEEE Workshop on Networking Technologies for Software Defined Radio Networks, SDR 2007 - San Diego, CA, United States
    Duration: Jun 18 2007Jun 21 2007

    Publication series

    Name2007 2nd IEEE Workshop on Networking Technologies for Software Defined Radio Networks, SDR

    Other

    Other2nd IEEE Workshop on Networking Technologies for Software Defined Radio Networks, SDR 2007
    Country/TerritoryUnited States
    CitySan Diego, CA
    Period6/18/076/21/07

    ASJC Scopus subject areas

    • Computer Networks and Communications
    • Software
    • Communication

    Fingerprint

    Dive into the research topics of 'A mechanism for detecting and responding to misbehaving nodes in wireless networks'. Together they form a unique fingerprint.

    Cite this