Protecting Wireless Mesh Networks through a distributed intrusion prevention framework

Oscar Rodas; Marco Antonio To; Jose Alvarez; Stephane Maag

doi:10.1109/LATINCOM.2015.7430126

Protecting Wireless Mesh Networks through a distributed intrusion prevention framework

Oscar Rodas
, Marco Antonio To
, Jose Alvarez
, Stephane Maag

Universidad Galileo

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Wireless Mesh Networks (WMN) are growing rapidly in the research community due to their numerous applications and shared services. A feature in this kind of networks is the any-to-any connectivity, which opens the network for diverse kinds of attacks. These attacks generate extra traffic that possibly carries unauthorized intrusions. Our proposal, the IBW Framework, includes an approach for security in WMN detecting and mitigating the attacks through the use of non-relational databases for the data correlation and the dissemination of intrusion information among the nodes in WMN to reduce the amount of attacks in short time. Data correlation is done from the log data of servers and distributed Intrusion Detection & Prevention Systems (IDSs & IPSs) using syslog information with a particular format. Intrusion Prevention Systems can be implemented with any kind of solution, in our case we proposed iptables. Finally, a Case Study is presented, using the OLSR routing protocol and Brute Force attacks comparing our proposal with an open source blocking tool Fail2Ban. The whole scenario is being emulated in Dockemu to generate similar attack patterns for the result comparison.

Original language	English
Title of host publication	2015 7th IEEE Latin-American Conference on Communications, LATINCOM 2015
Editors	Gonzalo M. Fernandez Del Carpio
Publisher	Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)	9781467384513
DOIs	https://doi.org/10.1109/LATINCOM.2015.7430126
Publication status	Published - 9 Mar 2016
Event	7th IEEE Latin-American Conference on Communications, LATINCOM 2015 - Arequipa, Peru Duration: 4 Nov 2015 → 6 Nov 2015

Publication series

Name	2015 7th IEEE Latin-American Conference on Communications, LATINCOM 2015

Conference

Conference	7th IEEE Latin-American Conference on Communications, LATINCOM 2015
Country/Territory	Peru
City	Arequipa
Period	4/11/15 → 6/11/15

Keywords

Dockemu
Intrusion detection
classification-based hybrid ips
intrusion prevention
ips
mongodb
scalabe ips
syslog
wireless
wireless mesh networks

Access to Document

10.1109/LATINCOM.2015.7430126

Cite this

Rodas, O., To, M. A., Alvarez, J., & Maag, S. (2016). Protecting Wireless Mesh Networks through a distributed intrusion prevention framework. In G. M. Fernandez Del Carpio (Ed.), 2015 7th IEEE Latin-American Conference on Communications, LATINCOM 2015 Article 7430126 (2015 7th IEEE Latin-American Conference on Communications, LATINCOM 2015). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/LATINCOM.2015.7430126

Rodas, Oscar ; To, Marco Antonio ; Alvarez, Jose et al. / Protecting Wireless Mesh Networks through a distributed intrusion prevention framework. 2015 7th IEEE Latin-American Conference on Communications, LATINCOM 2015. editor / Gonzalo M. Fernandez Del Carpio. Institute of Electrical and Electronics Engineers Inc., 2016. (2015 7th IEEE Latin-American Conference on Communications, LATINCOM 2015).

@inproceedings{c1adf76f4a344bc7a8d25f57c1946d53,

title = "Protecting Wireless Mesh Networks through a distributed intrusion prevention framework",

abstract = "Wireless Mesh Networks (WMN) are growing rapidly in the research community due to their numerous applications and shared services. A feature in this kind of networks is the any-to-any connectivity, which opens the network for diverse kinds of attacks. These attacks generate extra traffic that possibly carries unauthorized intrusions. Our proposal, the IBW Framework, includes an approach for security in WMN detecting and mitigating the attacks through the use of non-relational databases for the data correlation and the dissemination of intrusion information among the nodes in WMN to reduce the amount of attacks in short time. Data correlation is done from the log data of servers and distributed Intrusion Detection \& Prevention Systems (IDSs \& IPSs) using syslog information with a particular format. Intrusion Prevention Systems can be implemented with any kind of solution, in our case we proposed iptables. Finally, a Case Study is presented, using the OLSR routing protocol and Brute Force attacks comparing our proposal with an open source blocking tool Fail2Ban. The whole scenario is being emulated in Dockemu to generate similar attack patterns for the result comparison.",

keywords = "Dockemu, Intrusion detection, classification-based hybrid ips, intrusion prevention, ips, mongodb, scalabe ips, syslog, wireless, wireless mesh networks",

author = "Oscar Rodas and To, \{Marco Antonio\} and Jose Alvarez and Stephane Maag",

note = "Publisher Copyright: {\textcopyright} 2015 IEEE.; 7th IEEE Latin-American Conference on Communications, LATINCOM 2015 ; Conference date: 04-11-2015 Through 06-11-2015",

year = "2016",

month = mar,

day = "9",

doi = "10.1109/LATINCOM.2015.7430126",

language = "English",

series = "2015 7th IEEE Latin-American Conference on Communications, LATINCOM 2015",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

editor = "\{Fernandez Del Carpio\}, \{Gonzalo M.\}",

booktitle = "2015 7th IEEE Latin-American Conference on Communications, LATINCOM 2015",

}

Rodas, O, To, MA, Alvarez, J & Maag, S 2016, Protecting Wireless Mesh Networks through a distributed intrusion prevention framework. in GM Fernandez Del Carpio (ed.), 2015 7th IEEE Latin-American Conference on Communications, LATINCOM 2015., 7430126, 2015 7th IEEE Latin-American Conference on Communications, LATINCOM 2015, Institute of Electrical and Electronics Engineers Inc., 7th IEEE Latin-American Conference on Communications, LATINCOM 2015, Arequipa, Peru, 4/11/15. https://doi.org/10.1109/LATINCOM.2015.7430126

Protecting Wireless Mesh Networks through a distributed intrusion prevention framework. / Rodas, Oscar; To, Marco Antonio; Alvarez, Jose et al.
2015 7th IEEE Latin-American Conference on Communications, LATINCOM 2015. ed. / Gonzalo M. Fernandez Del Carpio. Institute of Electrical and Electronics Engineers Inc., 2016. 7430126 (2015 7th IEEE Latin-American Conference on Communications, LATINCOM 2015).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Protecting Wireless Mesh Networks through a distributed intrusion prevention framework

AU - Rodas, Oscar

AU - To, Marco Antonio

AU - Alvarez, Jose

AU - Maag, Stephane

PY - 2016/3/9

Y1 - 2016/3/9

N2 - Wireless Mesh Networks (WMN) are growing rapidly in the research community due to their numerous applications and shared services. A feature in this kind of networks is the any-to-any connectivity, which opens the network for diverse kinds of attacks. These attacks generate extra traffic that possibly carries unauthorized intrusions. Our proposal, the IBW Framework, includes an approach for security in WMN detecting and mitigating the attacks through the use of non-relational databases for the data correlation and the dissemination of intrusion information among the nodes in WMN to reduce the amount of attacks in short time. Data correlation is done from the log data of servers and distributed Intrusion Detection & Prevention Systems (IDSs & IPSs) using syslog information with a particular format. Intrusion Prevention Systems can be implemented with any kind of solution, in our case we proposed iptables. Finally, a Case Study is presented, using the OLSR routing protocol and Brute Force attacks comparing our proposal with an open source blocking tool Fail2Ban. The whole scenario is being emulated in Dockemu to generate similar attack patterns for the result comparison.

AB - Wireless Mesh Networks (WMN) are growing rapidly in the research community due to their numerous applications and shared services. A feature in this kind of networks is the any-to-any connectivity, which opens the network for diverse kinds of attacks. These attacks generate extra traffic that possibly carries unauthorized intrusions. Our proposal, the IBW Framework, includes an approach for security in WMN detecting and mitigating the attacks through the use of non-relational databases for the data correlation and the dissemination of intrusion information among the nodes in WMN to reduce the amount of attacks in short time. Data correlation is done from the log data of servers and distributed Intrusion Detection & Prevention Systems (IDSs & IPSs) using syslog information with a particular format. Intrusion Prevention Systems can be implemented with any kind of solution, in our case we proposed iptables. Finally, a Case Study is presented, using the OLSR routing protocol and Brute Force attacks comparing our proposal with an open source blocking tool Fail2Ban. The whole scenario is being emulated in Dockemu to generate similar attack patterns for the result comparison.

KW - Dockemu

KW - Intrusion detection

KW - classification-based hybrid ips

KW - intrusion prevention

KW - ips

KW - mongodb

KW - scalabe ips

KW - syslog

KW - wireless

KW - wireless mesh networks

UR - https://www.scopus.com/pages/publications/84964715400

U2 - 10.1109/LATINCOM.2015.7430126

DO - 10.1109/LATINCOM.2015.7430126

M3 - Conference contribution

AN - SCOPUS:84964715400

T3 - 2015 7th IEEE Latin-American Conference on Communications, LATINCOM 2015

BT - 2015 7th IEEE Latin-American Conference on Communications, LATINCOM 2015

A2 - Fernandez Del Carpio, Gonzalo M.

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 7th IEEE Latin-American Conference on Communications, LATINCOM 2015

Y2 - 4 November 2015 through 6 November 2015

ER -

Rodas O, To MA, Alvarez J, Maag S. Protecting Wireless Mesh Networks through a distributed intrusion prevention framework. In Fernandez Del Carpio GM, editor, 2015 7th IEEE Latin-American Conference on Communications, LATINCOM 2015. Institute of Electrical and Electronics Engineers Inc. 2016. 7430126. (2015 7th IEEE Latin-American Conference on Communications, LATINCOM 2015). doi: 10.1109/LATINCOM.2015.7430126

Protecting Wireless Mesh Networks through a distributed intrusion prevention framework

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this