Title :
Analyzing active probing for practical intrusion detection in Wireless Multihop Networks
Author :
do Carmo, Rodrigo ; Hollick, M.
Author_Institution :
Secure Mobile Networking Lab. (SEEMOO), Tech. Univ. Darmstadt, Darmstadt, Germany
Abstract :
Practical intrusion detection in Wireless Multihop Networks (WMNs) is a hard challenge. It has been shown that an active-probing-based network intrusion detection system (AP-NIDS) is practical for WMNs. However, understanding its interworking with real networks is still an unexplored challenge. In this paper, we investigate this in practice. We identify the general functional parameters that can be controlled, and by means of extensive experimentation, we tune these parameters and analyze the trade-offs between them, aiming at reducing false positives, overhead, and detection time. The traces we collected help us to understand when and why the active probing fails, and let us present countermeasures to prevent it.
Keywords :
frequency hop communication; security of data; wireless mesh networks; active-probing-based network intrusion detection system; wireless mesh network; wireless multihop networks; Ad hoc networks; Communication system security; Intrusion detection; Routing protocols; Testing; Wireless communication; Wireless sensor networks;
Conference_Titel :
Wireless On-demand Network Systems and Services (WONS), 2014 11th Annual Conference on
Conference_Location :
Obergurgl
DOI :
10.1109/WONS.2014.6814725
