Title : 
An on-line wireless attack detection system using multi-layer data fusion
         
        
            Author : 
Aparicio-Navarro, Francisco J. ; Kyriakopoulos, Konstantinos G. ; Parish, David J.
         
        
            Author_Institution : 
Dept. of Electron. & Electr. Eng., Loughborough Univ., Loughborough, UK
         
        
        
        
        
        
            Abstract : 
Computer networks and more specifically wireless communication networks are increasingly becoming susceptible to more sophisticated and untraceable attacks. Most of the current Intrusion Detection Systems either focus on just one layer of observation or use a limited number of metrics without proper data fusion techniques. However, the true status of a network is rarely accurately detectable by examining only one network layer. This paper describes a synergistic approach of fusing decisions of whether an attack takes place by using multiple measurements from different layers of wireless communication networks. The described method is implemented on a live system that monitors a wireless network in real time and gives an indication of whether a malicious frame exists or not. This is achieved by analysing specific metrics and comparing them against historical data. The proposed system assigns for each metric a belief of whether an attack takes place or not. The beliefs from different metrics are fused with the Dempster-Shafer technique with the ultimate goal of limiting false alarms by combining beliefs from various network layers. The on-line experimental results show that cross-layer techniques and data fusion perform more efficiently compared to conventional methods.
         
        
            Keywords : 
inference mechanisms; radiocommunication; sensor fusion; telecommunication security; Dempster-Shafer technique; computer network; cross-layer technique; intrusion detection system; malicious frame; multilayer data fusion; online wireless attack detection system; synergistic approach; wireless communication network; Intrusion detection; Measurement; Monitoring; Real time systems; Web sites; Wireless networks; Cross-layer measurements; Data fusion; Dempster-Shafer; Wi-Fi; Wireless attacks;
         
        
        
        
            Conference_Titel : 
Measurements and Networking Proceedings (M&N), 2011 IEEE International Workshop on
         
        
            Conference_Location : 
Anacapri
         
        
            Print_ISBN : 
978-1-4577-0455-0
         
        
        
            DOI : 
10.1109/IWMN.2011.6088478