Anomaly-Based intrusion detection algorithms for wireless networks

Authors:
Alexandros G. Fragkiadakis;Vasilios A. Siris;Nikolaos Petroulakis
Affiliations:
Institute of Computer Science, Foundation for Research and Technology - Hellas (FORTH), Heraklion, Crete, Greece;Institute of Computer Science, Foundation for Research and Technology - Hellas (FORTH), Heraklion, Crete, Greece;Institute of Computer Science, Foundation for Research and Technology - Hellas (FORTH), Heraklion, Crete, Greece
Venue:
WWIC'10 Proceedings of the 8th international conference on Wired/Wireless Internet Communications
Year:
2010

Citing 12
Cited 2

Detection of abrupt changes: theory and application

Detection of abrupt changes: theory and application
Change-Point Monitoring for the Detection of DoS Attacks

IEEE Transactions on Dependable and Secure Computing
The feasibility of launching and detecting jamming attacks in wireless networks

Proceedings of the 6th ACM international symposium on Mobile ad hoc networking and computing
MOJO: a distributed physical layer anomaly detection system for 802.11 WLANs

Proceedings of the 4th international conference on Mobile systems, applications and services
Anomaly intrusion detection in wireless sensor networks

Journal of High Speed Networks - Special issue on trusted internet workshop (TIW) 2004
Distributed change-point detection of DDoS attacks: experimental results on DETER testbed

DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
Catching instant messaging worms with change-point detection techniques

LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
Jamming detection mechanisms for wireless sensor networks

Proceedings of the 3rd international conference on Scalable information systems
Evaluation of detection algorithms for MAC layer misbehavior: theory and experiments

IEEE/ACM Transactions on Networking (TON)
A cross-layer approach to detect jamming attacks in wireless ad hoc networks

MILCOM'06 Proceedings of the 2006 IEEE conference on Military communications
Intrusion detection in wireless ad hoc networks

IEEE Wireless Communications
Jamming sensor networks: attack and defense strategies

IEEE Network: The Magazine of Global Internetworking

WiSec 2011 demo: demonstrating self-contained on-node counter measures for various jamming attacks in WSN

ACM SIGMOBILE Mobile Computing and Communications Review
Detecting transmission power misbehaviour in wi-fi networks

WiFlex'13 Proceedings of the First international conference on Wireless Access Flexibility

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we present and evaluate anomaly-based intrusion detection algorithms for detecting physical layer jamming attacks in wireless networks, by seeking changes in the statistical characteristics of the signal-to-noise ratio (SNR). Two types of algorithms are investigated: simple threshold algorithms and algorithms based on the cumulative sum change point detection procedure. The algorithms consider SNR-based metrics, which include the average SNR, minimum SNR, and max-minus-min SNR values in a short window. The algorithms are applied to measurements taken in two locations, one close and one far from the jammer, and evaluated in terms of the detection probability, false alarm rate, detection delay and their robustness to different detection threshold values. Our results show that the cumulative sum detection procedure can improve the detection probability and false alarm rate when measurements are taken far from the jammer, and can improve the robustness for different values of the detection threshold.