TY - GEN
T1 - Adaptive CUSUM algorithm to detect malicious behaviors in wireless mesh networks
AU - Dromard, Juliette
AU - Khatoun, Rida
AU - Khoukhi, Lyes
PY - 2014/1/1
Y1 - 2014/1/1
N2 - Wireless mesh networks (WMNs) are very attractive networks as they are low cost and able to extend Internet rapidly in areas where other networks (e.g., Wi-Fi, MANETs, wired networks, 3G) cannot access due to their technical and/or economical limitations. However, these networks have to deal with security issues which prevent their deployment. In this paper, we propose a new reputation scheme which aims at preventing nodes from falsely detecting their neighbors as misbehaving due to packet loss over their links. The proposed reputation scheme is based on the fact that a link's packet loss ratio, when it is computed over a large quantity of observations, is quite stable over time. To detect misbehaving neighbors, a node, via its IDS, compares with the statistical method CUSUM (cumulative sum control chart) whether the distribution of packet loss rate observed for each of its neighbors follows the expected distribution or not. The validation of our solution shows that it allows to assign to nodes a trust value which reflects their real behavior.
AB - Wireless mesh networks (WMNs) are very attractive networks as they are low cost and able to extend Internet rapidly in areas where other networks (e.g., Wi-Fi, MANETs, wired networks, 3G) cannot access due to their technical and/or economical limitations. However, these networks have to deal with security issues which prevent their deployment. In this paper, we propose a new reputation scheme which aims at preventing nodes from falsely detecting their neighbors as misbehaving due to packet loss over their links. The proposed reputation scheme is based on the fact that a link's packet loss ratio, when it is computed over a large quantity of observations, is quite stable over time. To detect misbehaving neighbors, a node, via its IDS, compares with the statistical method CUSUM (cumulative sum control chart) whether the distribution of packet loss rate observed for each of its neighbors follows the expected distribution or not. The validation of our solution shows that it allows to assign to nodes a trust value which reflects their real behavior.
KW - Wireless mesh networks
KW - intrusion detection system
KW - reputation computation
U2 - 10.1007/978-3-662-43862-6_3
DO - 10.1007/978-3-662-43862-6_3
M3 - Conference contribution
AN - SCOPUS:84904157131
SN - 9783662438619
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 29
EP - 41
BT - Monitoring and Securing Virtualized Networks and Services - 8th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security, AIMS 2014, Proceedings
PB - Springer Verlag
T2 - 8th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security, AIMS 2014
Y2 - 30 June 2014 through 3 July 2014
ER -