DISA

Detection and isolation of sneaky attackers in locally monitored multi-hop wireless networks

Issa Khalil, Saurabh Bagchi, Najah Abuali, M. Hayajneh

Research output: Contribution to journalArticle

1 Citation (Scopus)

Abstract

Local monitoring has been demonstrated as a powerful technique for mitigating security attacks in multi-hop ad hoc networks. In local monitoring, nodes overhear partial neighborhood communication to detect misbehavior such as packet drop or delay. However, local monitoring as presented in the literature is vulnerable to a class of attacks that we introduce here called stealthy packet dropping. Stealthy packet dropping disrupts the packet from reaching the destination by malicious behavior at an intermediate node. However, the malicious node gives the impression to its neighbors that it performed the legitimate forwarding action. Moreover, a legitimate node comes under suspicion. We introduce four ways of achieving stealthy packet dropping, none of which is currently detectable. We provide a protocol called DISA, based on local monitoring, to remedy each attack. DISA incorporates two techniques-having the neighbors maintain additional information about the routing path, and adding some checking responsibility to each neighbor. We show through analysis and simulation that basic local monitoring (BLM) fails to efficiently mitigate any of the presented attacks while DISA successfully mitigates them.

Original languageEnglish
Pages (from-to)1524-1538
Number of pages15
JournalSecurity and Communication Networks
Volume6
Issue number12
DOIs
Publication statusPublished - 1 Dec 2013
Externally publishedYes

Fingerprint

Wireless networks
Monitoring
Ad hoc networks
Network protocols
Communication

Keywords

  • Local monitoring
  • Malicious collusion
  • Misrouting
  • Multi-hop wireless networks
  • Packet dropping
  • Transmission power control

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems

Cite this

DISA : Detection and isolation of sneaky attackers in locally monitored multi-hop wireless networks. / Khalil, Issa; Bagchi, Saurabh; Abuali, Najah; Hayajneh, M.

In: Security and Communication Networks, Vol. 6, No. 12, 01.12.2013, p. 1524-1538.

Research output: Contribution to journalArticle

@article{74848cc820e9430a88bd6fc492834319,
title = "DISA: Detection and isolation of sneaky attackers in locally monitored multi-hop wireless networks",
abstract = "Local monitoring has been demonstrated as a powerful technique for mitigating security attacks in multi-hop ad hoc networks. In local monitoring, nodes overhear partial neighborhood communication to detect misbehavior such as packet drop or delay. However, local monitoring as presented in the literature is vulnerable to a class of attacks that we introduce here called stealthy packet dropping. Stealthy packet dropping disrupts the packet from reaching the destination by malicious behavior at an intermediate node. However, the malicious node gives the impression to its neighbors that it performed the legitimate forwarding action. Moreover, a legitimate node comes under suspicion. We introduce four ways of achieving stealthy packet dropping, none of which is currently detectable. We provide a protocol called DISA, based on local monitoring, to remedy each attack. DISA incorporates two techniques-having the neighbors maintain additional information about the routing path, and adding some checking responsibility to each neighbor. We show through analysis and simulation that basic local monitoring (BLM) fails to efficiently mitigate any of the presented attacks while DISA successfully mitigates them.",
keywords = "Local monitoring, Malicious collusion, Misrouting, Multi-hop wireless networks, Packet dropping, Transmission power control",
author = "Issa Khalil and Saurabh Bagchi and Najah Abuali and M. Hayajneh",
year = "2013",
month = "12",
day = "1",
doi = "10.1002/sec.152",
language = "English",
volume = "6",
pages = "1524--1538",
journal = "Security and Communication Networks",
issn = "1939-0122",
publisher = "John Wiley and Sons Inc.",
number = "12",

}

TY - JOUR

T1 - DISA

T2 - Detection and isolation of sneaky attackers in locally monitored multi-hop wireless networks

AU - Khalil, Issa

AU - Bagchi, Saurabh

AU - Abuali, Najah

AU - Hayajneh, M.

PY - 2013/12/1

Y1 - 2013/12/1

N2 - Local monitoring has been demonstrated as a powerful technique for mitigating security attacks in multi-hop ad hoc networks. In local monitoring, nodes overhear partial neighborhood communication to detect misbehavior such as packet drop or delay. However, local monitoring as presented in the literature is vulnerable to a class of attacks that we introduce here called stealthy packet dropping. Stealthy packet dropping disrupts the packet from reaching the destination by malicious behavior at an intermediate node. However, the malicious node gives the impression to its neighbors that it performed the legitimate forwarding action. Moreover, a legitimate node comes under suspicion. We introduce four ways of achieving stealthy packet dropping, none of which is currently detectable. We provide a protocol called DISA, based on local monitoring, to remedy each attack. DISA incorporates two techniques-having the neighbors maintain additional information about the routing path, and adding some checking responsibility to each neighbor. We show through analysis and simulation that basic local monitoring (BLM) fails to efficiently mitigate any of the presented attacks while DISA successfully mitigates them.

AB - Local monitoring has been demonstrated as a powerful technique for mitigating security attacks in multi-hop ad hoc networks. In local monitoring, nodes overhear partial neighborhood communication to detect misbehavior such as packet drop or delay. However, local monitoring as presented in the literature is vulnerable to a class of attacks that we introduce here called stealthy packet dropping. Stealthy packet dropping disrupts the packet from reaching the destination by malicious behavior at an intermediate node. However, the malicious node gives the impression to its neighbors that it performed the legitimate forwarding action. Moreover, a legitimate node comes under suspicion. We introduce four ways of achieving stealthy packet dropping, none of which is currently detectable. We provide a protocol called DISA, based on local monitoring, to remedy each attack. DISA incorporates two techniques-having the neighbors maintain additional information about the routing path, and adding some checking responsibility to each neighbor. We show through analysis and simulation that basic local monitoring (BLM) fails to efficiently mitigate any of the presented attacks while DISA successfully mitigates them.

KW - Local monitoring

KW - Malicious collusion

KW - Misrouting

KW - Multi-hop wireless networks

KW - Packet dropping

KW - Transmission power control

UR - http://www.scopus.com/inward/record.url?scp=84888423205&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84888423205&partnerID=8YFLogxK

U2 - 10.1002/sec.152

DO - 10.1002/sec.152

M3 - Article

VL - 6

SP - 1524

EP - 1538

JO - Security and Communication Networks

JF - Security and Communication Networks

SN - 1939-0122

IS - 12

ER -